Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

(RESOLU) Infection de Trojan Vundo et invasion de Zango.com sur mon bu

fred62200

Par fred62200
dans Analyses et éradication malwares

 Partager

Messages recommandés

fred62200 Mega Power Member

fred62200

Posté(e)
  • Auteur
Posté(e)

Voila le rapport ewido anti-spyware :

 

__________________________________________________

ewido anti-spyware online scanner

http://www.ewido.net

__________________________________________________

 

 

Name: TrackingCookie.247realmedia

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@247realmedia[2].txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@2o7[1].txt

Risk: Medium

 

Name: TrackingCookie.Yieldmanager

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@ad.yieldmanager[1].txt

Risk: Medium

 

Name: TrackingCookie.Clickhype

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@ad1.clickhype[1].txt

Risk: Medium

 

Name: TrackingCookie.Adbrite

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@adbrite[2].txt

Risk: Medium

 

Name: TrackingCookie.Euroclick

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@adopt.euroclick[2].txt

Risk: Medium

 

Name: TrackingCookie.Adrevolver

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@adrevolver[1].txt

Risk: Medium

 

Name: TrackingCookie.Adbrite

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@ads.adbrite[2].txt

Risk: Medium

 

Name: TrackingCookie.Adtech

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@adtech[1].txt

Risk: Medium

 

Name: TrackingCookie.Advertising

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@advertising[1].txt

Risk: Medium

 

Name: TrackingCookie.Adviva

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@adviva[2].txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@aoleusearch.122.2o7[1].txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@aolfr.122.2o7[2].txt

Risk: Medium

 

Name: TrackingCookie.Atdmt

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@atdmt[2].txt

Risk: Medium

 

Name: TrackingCookie.Bluestreak

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@bluestreak[2].txt

Risk: Medium

 

Name: TrackingCookie.Serving-sys

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@bs.serving-sys[1].txt

Risk: Medium

 

Name: TrackingCookie.Casinotropez

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@casinotropez[2].txt

Risk: Medium

 

Name: TrackingCookie.Doubleclick

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@doubleclick[1].txt

Risk: Medium

 

Name: TrackingCookie.Estat

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@estat[1].txt

Risk: Medium

 

Name: TrackingCookie.Fastclick

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@fastclick[2].txt

Risk: Medium

 

Name: TrackingCookie.Findwhat

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@findwhat[1].txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@fnac.112.2o7[1].txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@karavel.112.2o7[2].txt

Risk: Medium

 

Name: TrackingCookie.Webtrends

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@m.webtrends[2].txt

Risk: Medium

 

Name: TrackingCookie.Adrevolver

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@media.adrevolver[2].txt

Risk: Medium

 

Name: TrackingCookie.Mediaplex

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@mediaplex[1].txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@msnportal.112.2o7[1].txt

Risk: Medium

 

Name: TrackingCookie.Overture

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@overture[1].txt

Risk: Medium

 

Name: TrackingCookie.Questionmarket

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@questionmarket[1].txt

Risk: Medium

 

Name: TrackingCookie.Serving-sys

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@serving-sys[2].txt

Risk: Medium

 

Name: TrackingCookie.Smartadserver

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@smartadserver[1].txt

Risk: Medium

 

Name: TrackingCookie.Statcounter

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@statcounter[1].txt

Risk: Medium

 

Name: TrackingCookie.Tradedoubler

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@tradedoubler[2].txt

Risk: Medium

 

Name: TrackingCookie.Weborama

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@weborama[2].txt

Risk: Medium

 

Name: TrackingCookie.Casinotropez

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@www.casinotropez[1].txt

Risk: Medium

 

Name: Adware.Gator

Path: HKLM\SOFTWARE\Gator.com

Risk: Medium

 

Name: Adware.Gator

Path: HKLM\SOFTWARE\Gator.com\Trickler

Risk: Medium

 

Name: Adware.2020Search

Path: HKU\S-1-5-21-2856856626-3284181221-2173939434-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D}

Risk: Medium

 

Name: Adware.2020Search

Path: HKU\S-1-5-21-2856856626-3284181221-2173939434-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D}

Risk: Medium

 

Name: TrackingCookie.Yieldmanager

Path: C:\Documents and Settings\Amandine\Cookies\amandine@ad.yieldmanager[2].txt

Risk: Medium

 

Name: TrackingCookie.Adbrite

Path: C:\Documents and Settings\Amandine\Cookies\amandine@adbrite[1].txt

Risk: Medium

 

Name: TrackingCookie.Adrevolver

Path: C:\Documents and Settings\Amandine\Cookies\amandine@adrevolver[1].txt

Risk: Medium

 

Name: TrackingCookie.Adbrite

Path: C:\Documents and Settings\Amandine\Cookies\amandine@ads.adbrite[2].txt

Risk: Medium

 

Name: TrackingCookie.Advertising

Path: C:\Documents and Settings\Amandine\Cookies\amandine@advertising[1].txt

Risk: Medium

 

Name: TrackingCookie.Atdmt

Path: C:\Documents and Settings\Amandine\Cookies\amandine@atdmt[2].txt

Risk: Medium

 

Name: TrackingCookie.Doubleclick

Path: C:\Documents and Settings\Amandine\Cookies\amandine@doubleclick[2].txt

Risk: Medium

 

Name: TrackingCookie.Ru4

Path: C:\Documents and Settings\Amandine\Cookies\amandine@edge.ru4[1].txt

Risk: Medium

 

Name: TrackingCookie.Hitbox

Path: C:\Documents and Settings\Amandine\Cookies\amandine@ehg-avanquest.hitbox[1].txt

Risk: Medium

 

Name: TrackingCookie.Fastclick

Path: C:\Documents and Settings\Amandine\Cookies\amandine@fastclick[1].txt

Risk: Medium

 

Name: TrackingCookie.Hitbox

Path: C:\Documents and Settings\Amandine\Cookies\amandine@hitbox[2].txt

Risk: Medium

 

Name: TrackingCookie.Adrevolver

Path: C:\Documents and Settings\Amandine\Cookies\amandine@media.adrevolver[2].txt

Risk: Medium

 

Name: TrackingCookie.Mediaplex

Path: C:\Documents and Settings\Amandine\Cookies\amandine@mediaplex[1].txt

Risk: Medium

 

Name: TrackingCookie.Adjuggler

Path: C:\Documents and Settings\Amandine\Cookies\amandine@rotator.its.adjuggler[2].txt

Risk: Medium

 

Name: TrackingCookie.Webtrendslive

Path: C:\Documents and Settings\Amandine\Cookies\amandine@statse.webtrendslive[2].txt

Risk: Medium

 

Name: TrackingCookie.Tradedoubler

Path: C:\Documents and Settings\Amandine\Cookies\amandine@tradedoubler[1].txt

Risk: Medium

 

Name: TrackingCookie.Zedo

Path: C:\Documents and Settings\Amandine\Cookies\amandine@zedo[1].txt

Risk: Medium

 

Name: Not-A-Virus.Adware.Agent

Path: C:\Documents and Settings\Amandine\Local Settings\Temp\aupd.exe

Risk: Low

 

Name: TrackingCookie.2o7

Path: :mozilla.6:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.7:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.8:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Smartadserver

Path: :mozilla.9:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Smartadserver

Path: :mozilla.10:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Smartadserver

Path: :mozilla.11:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Smartadserver

Path: :mozilla.21:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Estat

Path: :mozilla.22:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Tribalfusion

Path: :mozilla.33:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Tradedoubler

Path: :mozilla.45:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Tradedoubler

Path: :mozilla.46:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Tradedoubler

Path: :mozilla.47:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Tradedoubler

Path: :mozilla.48:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Burstnet

Path: :mozilla.61:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Googleadservices

Path: :mozilla.62:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Googleadservices

Path: :mozilla.63:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Hitbox

Path: :mozilla.80:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Weborama

Path: :mozilla.81:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Weborama

Path: :mozilla.82:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Sitestat

Path: :mozilla.84:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Sitestat

Path: :mozilla.85:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Adobe

Path: :mozilla.90:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.94:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Statcounter

Path: :mozilla.95:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.128:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Hitbox

Path: :mozilla.142:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Netflame

Path: :mozilla.148:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Imrworldwide

Path: :mozilla.152:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Imrworldwide

Path: :mozilla.153:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Webtrendslive

Path: :mozilla.165:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Fastclick

Path: :mozilla.168:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Fastclick

Path: :mozilla.169:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.170:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Mediaplex

Path: :mozilla.174:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Comclick

Path: :mozilla.182:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Comclick

Path: :mozilla.183:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Comclick

Path: :mozilla.184:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Burstbeacon

Path: :mozilla.185:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Serving-sys

Path: :mozilla.189:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Serving-sys

Path: :mozilla.190:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Serving-sys

Path: :mozilla.191:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Serving-sys

Path: :mozilla.192:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Serving-sys

Path: :mozilla.193:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Serving-sys

Path: :mozilla.194:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Clickhype

Path: :mozilla.199:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.204:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Doubleclick

Path: :mozilla.209:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Bluestreak

Path: :mozilla.210:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Adtech

Path: :mozilla.211:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Serving-sys

Path: :mozilla.213:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Yieldmanager

Path: :mozilla.214:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Yieldmanager

Path: :mozilla.215:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Adbrite

Path: :mozilla.216:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Adbrite

Path: :mozilla.217:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Yieldmanager

Path: :mozilla.218:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Yieldmanager

Path: :mozilla.219:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Yieldmanager

Path: :mozilla.220:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.247realmedia

Path: :mozilla.224:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Advertising

Path: :mozilla.236:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Advertising

Path: :mozilla.237:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Advertising

Path: :mozilla.238:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Advertising

Path: :mozilla.239:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: Not-A-Virus.Adware.Agent

Path: C:\Documents and Settings\DENDECKER\Local Settings\Temp\aupd.exe

Risk: Low

 

Name: Not-A-Virus.Adware.Agent

Path: C:\Documents and Settings\DENDECKER\Local Settings\Temp\tmp60.tmp.exe

Risk: Low

 

Name: Adware.PowerSearch

Path: C:\Program Files\Hijackthis\hijackthis\backups\backup-20080129-231919-931.dll

Risk: Medium

 

Name: Not-A-Virus.Adware.Agent

Path: C:\QooBox\Quarantine\C\WINDOWS\system32\nsn31.dll.vir

Risk: Low

 

Name: Adware.PowerSearch

Path: C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP10\A0001263.dll

Risk: Medium

 

Name: Not-A-Virus.Adware.Agent

Path: C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP7\A0000197.dll

Risk: Low

 

Name: Not-A-Virus.Adware.Agent

Path: C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP7\A0000207.dll

Risk: Low

 

Name: Not-A-Virus.Adware.Agent

Path: C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP7\A0000217.dll

Risk: Low

 

Name: Not-A-Virus.Adware.Agent

Path: C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP8\A0000225.dll

Risk: Low

 

 

Voila le rapport moved files :

 

File/Folder C:\WINDOWS\system32\pbfrv2.dll not found.

File/Folder C:\WINDOWS\System32\dcads-remove.exe not found.

File/Folder C:\WINDOWS\System32\substpntx8.dll not found.

File/Folder C:\WINDOWS\System32\nsn31.dll not found.

C:\Program Files\dbar moved successfully.

C:\Documents and Settings\DENDECKER\Application Data\WinButler moved successfully.

File/Folder C:\Documents and Settings\DENDECKER\Application Data\Deskbar_{941792BD-1B18-4c50-AEB2-4288265AC614} not found.

File/Folder C:\Program Files\dbar not found.

C:\Program Files\Dynamic Toolbar\PBFRV2\Cache moved successfully.

C:\Program Files\Dynamic Toolbar\PBFRV2 moved successfully.

C:\Program Files\Dynamic Toolbar\Cache moved successfully.

C:\Program Files\Dynamic Toolbar moved successfully.

 

OTMoveIt2 v1.0.15 log created on 01292008_232657

fred62200 Mega Power Member

fred62200

Posté(e)
  • Auteur
Posté(e)

Voila mon rapport HiJackThis :

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 11:39, on 2008-01-30

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16574)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe

C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe

C:\WINDOWS\system32\spoolsv.exe

C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe

c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe

c:\APPS\Powercinema\Kernel\TV\CLSched.exe

C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe

C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe

c:\APPS\HIDSERVICE\HIDSERVICE.exe

C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe

C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\WINDOWS\system32\slserv.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\VTTimer.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Apps\Powercinema\PCMService.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE

C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

C:\Program Files\Winamp\winampa.exe

C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\Documents and Settings\DENDECKER\Bureau\ewido_micro.exe

C:\Program Files\internet explorer\iexplore.exe

C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Program Files\Hijackthis\hijackthis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://portail.club-internet.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://127.0.0.1:8100/PagesPro?

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\NppBho.dll

O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\UIBHO.dll

O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC

O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"

O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"

O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

O4 - HKLM\..\RunOnce: [HDReg] c:\Apps\HDReg\HDRegApp.exe -r

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9

O4 - HKCU\..\Run: [WinUpdater] "C:\Program Files\winvi\update.exe" /background

O4 - HKCU\..\Run: [WebSUpdater] "C:\Program Files\winvi\wupda.exe" /background

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\microsoft office\office11\ONENOTEM.EXE

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm

O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm

O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/webplayer/stage6/...erInstaller.cab

O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab

O16 - DPF: {B020B534-4AA2-4B99-BD6D-5F6EE286DF5C} (Symantec Download Bridge) - http://espaceabonnes.club-internet.fr/serv...ec/SymDlBrg.cab

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe

O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe

O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe

O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe

O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe

O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe

O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe

O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe

O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

 

--

End of file - 13473 bytes

 

ok pour les rapports: peux tu me poster un nouveau rapport hijackthis stp ?
fred62200 Mega Power Member

fred62200

Posté(e)
  • Auteur
Posté(e)

Mon anti-virus m'a dit : attention erreur systeme : il existe un nom en double sur le réseau.

 

Voila mon rapport HiJackThis :

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 11:39, on 2008-01-30

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16574)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe

C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe

C:\WINDOWS\system32\spoolsv.exe

C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe

c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe

c:\APPS\Powercinema\Kernel\TV\CLSched.exe

C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe

C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe

c:\APPS\HIDSERVICE\HIDSERVICE.exe

C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe

C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\WINDOWS\system32\slserv.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\VTTimer.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Apps\Powercinema\PCMService.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE

C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

C:\Program Files\Winamp\winampa.exe

C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\Documents and Settings\DENDECKER\Bureau\ewido_micro.exe

C:\Program Files\internet explorer\iexplore.exe

C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Program Files\Hijackthis\hijackthis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://portail.club-internet.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://127.0.0.1:8100/PagesPro?

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\NppBho.dll

O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.5\UIBHO.dll

O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC

O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"

O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"

O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

O4 - HKLM\..\RunOnce: [HDReg] c:\Apps\HDReg\HDRegApp.exe -r

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9

O4 - HKCU\..\Run: [WinUpdater] "C:\Program Files\winvi\update.exe" /background

O4 - HKCU\..\Run: [WebSUpdater] "C:\Program Files\winvi\wupda.exe" /background

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\microsoft office\office11\ONENOTEM.EXE

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm

O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm

O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/webplayer/stage6/...erInstaller.cab

O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab

O16 - DPF: {B020B534-4AA2-4B99-BD6D-5F6EE286DF5C} (Symantec Download Bridge) - http://espaceabonnes.club-internet.fr/serv...ec/SymDlBrg.cab

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe

O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe

O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe

O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe

O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe

O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe

O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe

O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe

O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

 

--

End of file - 13473 bytes

fred62200 Mega Power Member

fred62200

Posté(e)
  • Auteur
Posté(e)

Je n'ai pas cliqué sur Remove Infections dans ewindo antispyware, puisque tu m'as dit qu'il fallait vérifier s'il n'y avait pas de fichiers légitimes.

 

Mon anti-virus m'a dit : attention erreur systeme : il existe un nom en double sur le réseau.
Thanos Devil Member !

Thanos

Posté(e)
Posté(e)

salut :P

 

Je n'ai pas cliqué sur Remove Infections dans ewindo antispyware

Tu peux refaire le scan et sélectionner "Remove Infections" > ewido anti-spyware micro scanner n'a rien trouvé d'inquiêtant je te rassure :P

Mon anti-virus m'a dit : attention erreur systeme : il existe un nom en double sur le réseau.

Est ce que tu peux préciser le contenu du message exact ? de quel nom s'agit il ?

 

1) Passe cet outil pour nettoyer >

 

Télécharge ATF Cleaner by Atribune sur ton bureau.

 

Double-clique sur ATF Cleaner afin de lancer le programme.

  • Sous l'onglet Main, choisis : Select All
    Clique sur le bouton Empty Selected
     
    Si tu utilises le navigateur Firefox :
     
     
  • Clique Firefox au haut et choisis : Select All
    Clique le bouton Empty Selected
    NOTE : Si tu veux conserver tes mots de passe sauvegardés, clique No à l'invite.
     
    Si tu utilises le navigateur Opera :
     
     
  • Clique Opera au haut et choisis : Select All
    Clique le bouton Empty Selected
    NOTE : Si tu veux conserver tes mots de passe sauvegardés, clique No à l'invite.
     
    Clique Exit, du menu prinicipal, afin de fermer le programme.

* Si l'onglet "Firefox" est grisé dans ATF,nettoie le cache et les cookies dans Firefox comme ceci :

  • Ouvre Firefox et clique sur Outils=> Options
  • Clique sur l'onglet Vie Privée
  • clique sur le bouton Vider le cache dans l'onglet "Historique"
  • clique sur le bouton Supprimer les cookies dans l'onglet "Cookies"
  • clique sur le bouton Vider le cache dans l'onglet "Cache"
  • clique sur le bouton Ok pour fermer la fenêtre des options et valider tes choix.

2) Refais le scan ewido anti-spyware micro scanner et choisis "Remove Infections".

 

Je vois d'après le rapport que tu as utilisé ComboFix ? poste son rapport stp: il se trouve dans le répertoire C:\ et se nomme ComboFix.txt

 

Est ce que tu as encore ces pubs qui s'affichent ?

fred62200 Mega Power Member

fred62200

Posté(e)
  • Auteur
Posté(e)

Voila mon rapport ewido :

 

__________________________________________________

ewido anti-spyware online scanner

http://www.ewido.net

__________________________________________________

 

 

Name: TrackingCookie.247realmedia

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@247realmedia[2].txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@2o7[1].txt

Risk: Medium

 

Name: TrackingCookie.Yieldmanager

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@ad.yieldmanager[1].txt

Risk: Medium

 

Name: TrackingCookie.Clickhype

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@ad1.clickhype[1].txt

Risk: Medium

 

Name: TrackingCookie.Adbrite

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@adbrite[2].txt

Risk: Medium

 

Name: TrackingCookie.Euroclick

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@adopt.euroclick[2].txt

Risk: Medium

 

Name: TrackingCookie.Adrevolver

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@adrevolver[1].txt

Risk: Medium

 

Name: TrackingCookie.Adbrite

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@ads.adbrite[2].txt

Risk: Medium

 

Name: TrackingCookie.Adtech

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@adtech[1].txt

Risk: Medium

 

Name: TrackingCookie.Advertising

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@advertising[1].txt

Risk: Medium

 

Name: TrackingCookie.Adviva

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@adviva[1].txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@aoleusearch.122.2o7[1].txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@aolfr.122.2o7[2].txt

Risk: Medium

 

Name: TrackingCookie.Atdmt

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@atdmt[2].txt

Risk: Medium

 

Name: TrackingCookie.Bluestreak

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@bluestreak[2].txt

Risk: Medium

 

Name: TrackingCookie.Serving-sys

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@bs.serving-sys[1].txt

Risk: Medium

 

Name: TrackingCookie.Casinotropez

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@casinotropez[2].txt

Risk: Medium

 

Name: TrackingCookie.Doubleclick

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@doubleclick[1].txt

Risk: Medium

 

Name: TrackingCookie.Estat

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@estat[1].txt

Risk: Medium

 

Name: TrackingCookie.Fastclick

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@fastclick[2].txt

Risk: Medium

 

Name: TrackingCookie.Findwhat

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@findwhat[1].txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@fnac.112.2o7[1].txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@karavel.112.2o7[2].txt

Risk: Medium

 

Name: TrackingCookie.Webtrends

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@m.webtrends[2].txt

Risk: Medium

 

Name: TrackingCookie.Adrevolver

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@media.adrevolver[2].txt

Risk: Medium

 

Name: TrackingCookie.Mediaplex

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@mediaplex[1].txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@msnportal.112.2o7[1].txt

Risk: Medium

 

Name: TrackingCookie.Overture

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@overture[1].txt

Risk: Medium

 

Name: TrackingCookie.Questionmarket

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@questionmarket[1].txt

Risk: Medium

 

Name: TrackingCookie.Serving-sys

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@serving-sys[2].txt

Risk: Medium

 

Name: TrackingCookie.Smartadserver

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@smartadserver[2].txt

Risk: Medium

 

Name: TrackingCookie.Statcounter

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@statcounter[1].txt

Risk: Medium

 

Name: TrackingCookie.Tradedoubler

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@tradedoubler[2].txt

Risk: Medium

 

Name: TrackingCookie.Weborama

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@weborama[2].txt

Risk: Medium

 

Name: TrackingCookie.Casinotropez

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@www.casinotropez[1].txt

Risk: Medium

 

Name: Adware.Gator

Path: HKLM\SOFTWARE\Gator.com

Risk: Medium

 

Name: Adware.Gator

Path: HKLM\SOFTWARE\Gator.com\Trickler

Risk: Medium

 

Name: Adware.2020Search

Path: HKU\S-1-5-21-2856856626-3284181221-2173939434-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D}

Risk: Medium

 

Name: Adware.2020Search

Path: HKU\S-1-5-21-2856856626-3284181221-2173939434-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D}

Risk: Medium

 

Name: TrackingCookie.Yieldmanager

Path: C:\Documents and Settings\Amandine\Cookies\amandine@ad.yieldmanager[2].txt

Risk: Medium

 

Name: TrackingCookie.Adbrite

Path: C:\Documents and Settings\Amandine\Cookies\amandine@adbrite[1].txt

Risk: Medium

 

Name: TrackingCookie.Adrevolver

Path: C:\Documents and Settings\Amandine\Cookies\amandine@adrevolver[1].txt

Risk: Medium

 

Name: TrackingCookie.Adbrite

Path: C:\Documents and Settings\Amandine\Cookies\amandine@ads.adbrite[2].txt

Risk: Medium

 

Name: TrackingCookie.Advertising

Path: C:\Documents and Settings\Amandine\Cookies\amandine@advertising[1].txt

Risk: Medium

 

Name: TrackingCookie.Atdmt

Path: C:\Documents and Settings\Amandine\Cookies\amandine@atdmt[2].txt

Risk: Medium

 

Name: TrackingCookie.Doubleclick

Path: C:\Documents and Settings\Amandine\Cookies\amandine@doubleclick[2].txt

Risk: Medium

 

Name: TrackingCookie.Ru4

Path: C:\Documents and Settings\Amandine\Cookies\amandine@edge.ru4[1].txt

Risk: Medium

 

Name: TrackingCookie.Hitbox

Path: C:\Documents and Settings\Amandine\Cookies\amandine@ehg-avanquest.hitbox[1].txt

Risk: Medium

 

Name: TrackingCookie.Fastclick

Path: C:\Documents and Settings\Amandine\Cookies\amandine@fastclick[1].txt

Risk: Medium

 

Name: TrackingCookie.Hitbox

Path: C:\Documents and Settings\Amandine\Cookies\amandine@hitbox[2].txt

Risk: Medium

 

Name: TrackingCookie.Adrevolver

Path: C:\Documents and Settings\Amandine\Cookies\amandine@media.adrevolver[2].txt

Risk: Medium

 

Name: TrackingCookie.Mediaplex

Path: C:\Documents and Settings\Amandine\Cookies\amandine@mediaplex[1].txt

Risk: Medium

 

Name: TrackingCookie.Adjuggler

Path: C:\Documents and Settings\Amandine\Cookies\amandine@rotator.its.adjuggler[2].txt

Risk: Medium

 

Name: TrackingCookie.Webtrendslive

Path: C:\Documents and Settings\Amandine\Cookies\amandine@statse.webtrendslive[2].txt

Risk: Medium

 

Name: TrackingCookie.Tradedoubler

Path: C:\Documents and Settings\Amandine\Cookies\amandine@tradedoubler[1].txt

Risk: Medium

 

Name: TrackingCookie.Zedo

Path: C:\Documents and Settings\Amandine\Cookies\amandine@zedo[1].txt

Risk: Medium

 

Name: Not-A-Virus.Adware.Agent

Path: C:\Documents and Settings\Amandine\Local Settings\Temp\aupd.exe

Risk: Low

 

Name: TrackingCookie.2o7

Path: :mozilla.6:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.7:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.8:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Smartadserver

Path: :mozilla.9:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Smartadserver

Path: :mozilla.10:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Smartadserver

Path: :mozilla.11:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Smartadserver

Path: :mozilla.21:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Estat

Path: :mozilla.22:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Tribalfusion

Path: :mozilla.33:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Tradedoubler

Path: :mozilla.45:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Tradedoubler

Path: :mozilla.46:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Tradedoubler

Path: :mozilla.47:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Tradedoubler

Path: :mozilla.48:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Burstnet

Path: :mozilla.61:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Googleadservices

Path: :mozilla.62:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Googleadservices

Path: :mozilla.63:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Hitbox

Path: :mozilla.80:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Weborama

Path: :mozilla.81:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Weborama

Path: :mozilla.82:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Sitestat

Path: :mozilla.84:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Sitestat

Path: :mozilla.85:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Adobe

Path: :mozilla.90:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.94:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Statcounter

Path: :mozilla.95:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.128:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Hitbox

Path: :mozilla.142:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Netflame

Path: :mozilla.148:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Imrworldwide

Path: :mozilla.152:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Imrworldwide

Path: :mozilla.153:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Webtrendslive

Path: :mozilla.165:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Fastclick

Path: :mozilla.168:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Fastclick

Path: :mozilla.169:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.170:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Mediaplex

Path: :mozilla.174:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Comclick

Path: :mozilla.182:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Comclick

Path: :mozilla.183:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Comclick

Path: :mozilla.184:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Burstbeacon

Path: :mozilla.185:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Serving-sys

Path: :mozilla.189:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Serving-sys

Path: :mozilla.190:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Serving-sys

Path: :mozilla.191:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Serving-sys

Path: :mozilla.192:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Serving-sys

Path: :mozilla.193:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Serving-sys

Path: :mozilla.194:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Clickhype

Path: :mozilla.199:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.204:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Doubleclick

Path: :mozilla.209:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Bluestreak

Path: :mozilla.210:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Adtech

Path: :mozilla.211:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Serving-sys

Path: :mozilla.213:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Yieldmanager

Path: :mozilla.214:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Yieldmanager

Path: :mozilla.215:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Adbrite

Path: :mozilla.216:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Adbrite

Path: :mozilla.217:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Yieldmanager

Path: :mozilla.218:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Yieldmanager

Path: :mozilla.219:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Yieldmanager

Path: :mozilla.220:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.247realmedia

Path: :mozilla.224:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Advertising

Path: :mozilla.236:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Advertising

Path: :mozilla.237:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Advertising

Path: :mozilla.238:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Advertising

Path: :mozilla.239:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: Not-A-Virus.Adware.Agent

Path: C:\Documents and Settings\DENDECKER\Local Settings\Temp\aupd.exe

Risk: Low

 

Name: Not-A-Virus.Adware.Agent

Path: C:\Documents and Settings\DENDECKER\Local Settings\Temp\tmp60.tmp.exe

Risk: Low

 

Name: Downloader.Agent.gzp

Path: C:\Documents and Settings\DENDECKER\Local Settings\Temp\WinBuninstaller.exe

Risk: High

 

Name: Downloader.Agent.fwr

Path: C:\Documents and Settings\DENDECKER\Local Settings\Temp\WinButler.exe

Risk: High

 

Name: Dropper.Agent.dkn

Path: C:\Documents and Settings\DENDECKER\Mes documents\Flight Simulator 9\Setup.exe

Risk: High

 

Name: Adware.PowerSearch

Path: C:\Program Files\Hijackthis\hijackthis\backups\backup-20080129-231919-931.dll

Risk: Medium

 

Name: Not-A-Virus.Adware.Agent

Path: C:\QooBox\Quarantine\C\WINDOWS\system32\nsn31.dll.vir

Risk: Low

 

Name: Adware.PowerSearch

Path: C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP10\A0001263.dll

Risk: Medium

 

Name: Downloader.Agent.gzp

Path: C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP10\A0001266.exe

Risk: High

 

Name: Downloader.Agent.fwr

Path: C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP10\A0001267.exe

Risk: High

 

Name: Not-A-Virus.Adware.Agent

Path: C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP7\A0000197.dll

Risk: Low

 

Name: Not-A-Virus.Adware.Agent

Path: C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP7\A0000207.dll

Risk: Low

 

Name: Not-A-Virus.Adware.Agent

Path: C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP7\A0000217.dll

Risk: Low

 

Name: Not-A-Virus.Adware.Agent

Path: C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP8\A0000225.dll

Risk: Low

 

salut :P

Tu peux refaire le scan et sélectionner "Remove Infections" > ewido anti-spyware micro scanner n'a rien trouvé d'inquiêtant je te rassure :P

 

Est ce que tu peux préciser le contenu du message exact ? de quel nom s'agit il ?

 

1) Passe cet outil pour nettoyer >

 

Télécharge ATF Cleaner by Atribune sur ton bureau.

 

Double-clique sur ATF Cleaner afin de lancer le programme.

  • Sous l'onglet Main, choisis : Select All
    Clique sur le bouton Empty Selected
     
    Si tu utilises le navigateur Firefox :
     
     
  • Clique Firefox au haut et choisis : Select All
    Clique le bouton Empty Selected
    NOTE : Si tu veux conserver tes mots de passe sauvegardés, clique No à l'invite.
     
    Si tu utilises le navigateur Opera :
     
     
  • Clique Opera au haut et choisis : Select All
    Clique le bouton Empty Selected
    NOTE : Si tu veux conserver tes mots de passe sauvegardés, clique No à l'invite.
     
    Clique Exit, du menu prinicipal, afin de fermer le programme.

* Si l'onglet "Firefox" est grisé dans ATF,nettoie le cache et les cookies dans Firefox comme ceci :

  • Ouvre Firefox et clique sur Outils=> Options
  • Clique sur l'onglet Vie Privée
  • clique sur le bouton Vider le cache dans l'onglet "Historique"
  • clique sur le bouton Supprimer les cookies dans l'onglet "Cookies"
  • clique sur le bouton Vider le cache dans l'onglet "Cache"
  • clique sur le bouton Ok pour fermer la fenêtre des options et valider tes choix.

2) Refais le scan ewido anti-spyware micro scanner et choisis "Remove Infections".

 

Je vois d'après le rapport que tu as utilisé ComboFix ? poste son rapport stp: il se trouve dans le répertoire C:\ et se nomme ComboFix.txt

 

Est ce que tu as encore ces pubs qui s'affichent ?

fred62200 Mega Power Member

fred62200

Posté(e)
  • Auteur
Posté(e)

Pour le message Attention erreur systeme : nom en double sur le réseau :

Il n'y a pas plus de précisons (meme quand je clique sur le message).

 

Voila mon rapport ewido :

 

__________________________________________________

ewido anti-spyware online scanner

http://www.ewido.net

__________________________________________________

Name: TrackingCookie.247realmedia

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@247realmedia[2].txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@2o7[1].txt

Risk: Medium

 

Name: TrackingCookie.Yieldmanager

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@ad.yieldmanager[1].txt

Risk: Medium

 

Name: TrackingCookie.Clickhype

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@ad1.clickhype[1].txt

Risk: Medium

 

Name: TrackingCookie.Adbrite

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@adbrite[2].txt

Risk: Medium

 

Name: TrackingCookie.Euroclick

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@adopt.euroclick[2].txt

Risk: Medium

 

Name: TrackingCookie.Adrevolver

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@adrevolver[1].txt

Risk: Medium

 

Name: TrackingCookie.Adbrite

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@ads.adbrite[2].txt

Risk: Medium

 

Name: TrackingCookie.Adtech

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@adtech[1].txt

Risk: Medium

 

Name: TrackingCookie.Advertising

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@advertising[1].txt

Risk: Medium

 

Name: TrackingCookie.Adviva

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@adviva[1].txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@aoleusearch.122.2o7[1].txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@aolfr.122.2o7[2].txt

Risk: Medium

 

Name: TrackingCookie.Atdmt

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@atdmt[2].txt

Risk: Medium

 

Name: TrackingCookie.Bluestreak

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@bluestreak[2].txt

Risk: Medium

 

Name: TrackingCookie.Serving-sys

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@bs.serving-sys[1].txt

Risk: Medium

 

Name: TrackingCookie.Casinotropez

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@casinotropez[2].txt

Risk: Medium

 

Name: TrackingCookie.Doubleclick

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@doubleclick[1].txt

Risk: Medium

 

Name: TrackingCookie.Estat

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@estat[1].txt

Risk: Medium

 

Name: TrackingCookie.Fastclick

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@fastclick[2].txt

Risk: Medium

 

Name: TrackingCookie.Findwhat

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@findwhat[1].txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@fnac.112.2o7[1].txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@karavel.112.2o7[2].txt

Risk: Medium

 

Name: TrackingCookie.Webtrends

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@m.webtrends[2].txt

Risk: Medium

 

Name: TrackingCookie.Adrevolver

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@media.adrevolver[2].txt

Risk: Medium

 

Name: TrackingCookie.Mediaplex

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@mediaplex[1].txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@msnportal.112.2o7[1].txt

Risk: Medium

 

Name: TrackingCookie.Overture

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@overture[1].txt

Risk: Medium

 

Name: TrackingCookie.Questionmarket

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@questionmarket[1].txt

Risk: Medium

 

Name: TrackingCookie.Serving-sys

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@serving-sys[2].txt

Risk: Medium

 

Name: TrackingCookie.Smartadserver

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@smartadserver[2].txt

Risk: Medium

 

Name: TrackingCookie.Statcounter

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@statcounter[1].txt

Risk: Medium

 

Name: TrackingCookie.Tradedoubler

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@tradedoubler[2].txt

Risk: Medium

 

Name: TrackingCookie.Weborama

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@weborama[2].txt

Risk: Medium

 

Name: TrackingCookie.Casinotropez

Path: C:\Documents and Settings\DENDECKER\Cookies\dendecker@www.casinotropez[1].txt

Risk: Medium

 

Name: Adware.Gator

Path: HKLM\SOFTWARE\Gator.com

Risk: Medium

 

Name: Adware.Gator

Path: HKLM\SOFTWARE\Gator.com\Trickler

Risk: Medium

 

Name: Adware.2020Search

Path: HKU\S-1-5-21-2856856626-3284181221-2173939434-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D}

Risk: Medium

 

Name: Adware.2020Search

Path: HKU\S-1-5-21-2856856626-3284181221-2173939434-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D}

Risk: Medium

 

Name: TrackingCookie.Yieldmanager

Path: C:\Documents and Settings\Amandine\Cookies\amandine@ad.yieldmanager[2].txt

Risk: Medium

 

Name: TrackingCookie.Adbrite

Path: C:\Documents and Settings\Amandine\Cookies\amandine@adbrite[1].txt

Risk: Medium

 

Name: TrackingCookie.Adrevolver

Path: C:\Documents and Settings\Amandine\Cookies\amandine@adrevolver[1].txt

Risk: Medium

 

Name: TrackingCookie.Adbrite

Path: C:\Documents and Settings\Amandine\Cookies\amandine@ads.adbrite[2].txt

Risk: Medium

 

Name: TrackingCookie.Advertising

Path: C:\Documents and Settings\Amandine\Cookies\amandine@advertising[1].txt

Risk: Medium

 

Name: TrackingCookie.Atdmt

Path: C:\Documents and Settings\Amandine\Cookies\amandine@atdmt[2].txt

Risk: Medium

 

Name: TrackingCookie.Doubleclick

Path: C:\Documents and Settings\Amandine\Cookies\amandine@doubleclick[2].txt

Risk: Medium

 

Name: TrackingCookie.Ru4

Path: C:\Documents and Settings\Amandine\Cookies\amandine@edge.ru4[1].txt

Risk: Medium

 

Name: TrackingCookie.Hitbox

Path: C:\Documents and Settings\Amandine\Cookies\amandine@ehg-avanquest.hitbox[1].txt

Risk: Medium

 

Name: TrackingCookie.Fastclick

Path: C:\Documents and Settings\Amandine\Cookies\amandine@fastclick[1].txt

Risk: Medium

 

Name: TrackingCookie.Hitbox

Path: C:\Documents and Settings\Amandine\Cookies\amandine@hitbox[2].txt

Risk: Medium

 

Name: TrackingCookie.Adrevolver

Path: C:\Documents and Settings\Amandine\Cookies\amandine@media.adrevolver[2].txt

Risk: Medium

 

Name: TrackingCookie.Mediaplex

Path: C:\Documents and Settings\Amandine\Cookies\amandine@mediaplex[1].txt

Risk: Medium

 

Name: TrackingCookie.Adjuggler

Path: C:\Documents and Settings\Amandine\Cookies\amandine@rotator.its.adjuggler[2].txt

Risk: Medium

 

Name: TrackingCookie.Webtrendslive

Path: C:\Documents and Settings\Amandine\Cookies\amandine@statse.webtrendslive[2].txt

Risk: Medium

 

Name: TrackingCookie.Tradedoubler

Path: C:\Documents and Settings\Amandine\Cookies\amandine@tradedoubler[1].txt

Risk: Medium

 

Name: TrackingCookie.Zedo

Path: C:\Documents and Settings\Amandine\Cookies\amandine@zedo[1].txt

Risk: Medium

 

Name: Not-A-Virus.Adware.Agent

Path: C:\Documents and Settings\Amandine\Local Settings\Temp\aupd.exe

Risk: Low

 

Name: TrackingCookie.2o7

Path: :mozilla.6:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.7:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.8:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Smartadserver

Path: :mozilla.9:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Smartadserver

Path: :mozilla.10:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Smartadserver

Path: :mozilla.11:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Smartadserver

Path: :mozilla.21:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Estat

Path: :mozilla.22:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Tribalfusion

Path: :mozilla.33:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Tradedoubler

Path: :mozilla.45:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Tradedoubler

Path: :mozilla.46:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Tradedoubler

Path: :mozilla.47:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Tradedoubler

Path: :mozilla.48:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Burstnet

Path: :mozilla.61:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Googleadservices

Path: :mozilla.62:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Googleadservices

Path: :mozilla.63:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Hitbox

Path: :mozilla.80:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Weborama

Path: :mozilla.81:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Weborama

Path: :mozilla.82:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Sitestat

Path: :mozilla.84:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Sitestat

Path: :mozilla.85:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Adobe

Path: :mozilla.90:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.94:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Statcounter

Path: :mozilla.95:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.128:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Hitbox

Path: :mozilla.142:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Netflame

Path: :mozilla.148:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Imrworldwide

Path: :mozilla.152:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Imrworldwide

Path: :mozilla.153:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Webtrendslive

Path: :mozilla.165:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Fastclick

Path: :mozilla.168:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Fastclick

Path: :mozilla.169:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.170:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Mediaplex

Path: :mozilla.174:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Comclick

Path: :mozilla.182:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Comclick

Path: :mozilla.183:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Comclick

Path: :mozilla.184:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Burstbeacon

Path: :mozilla.185:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Serving-sys

Path: :mozilla.189:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Serving-sys

Path: :mozilla.190:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Serving-sys

Path: :mozilla.191:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Serving-sys

Path: :mozilla.192:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Serving-sys

Path: :mozilla.193:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Serving-sys

Path: :mozilla.194:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Clickhype

Path: :mozilla.199:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.2o7

Path: :mozilla.204:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Doubleclick

Path: :mozilla.209:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Bluestreak

Path: :mozilla.210:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Adtech

Path: :mozilla.211:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Serving-sys

Path: :mozilla.213:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Yieldmanager

Path: :mozilla.214:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Yieldmanager

Path: :mozilla.215:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Adbrite

Path: :mozilla.216:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Adbrite

Path: :mozilla.217:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Yieldmanager

Path: :mozilla.218:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Yieldmanager

Path: :mozilla.219:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Yieldmanager

Path: :mozilla.220:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.247realmedia

Path: :mozilla.224:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Advertising

Path: :mozilla.236:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Advertising

Path: :mozilla.237:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Advertising

Path: :mozilla.238:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: TrackingCookie.Advertising

Path: :mozilla.239:C:\Documents and Settings\DENDECKER\Application Data\Mozilla\Firefox\Profiles\qimhvzcu.default\cookies.txt

Risk: Medium

 

Name: Not-A-Virus.Adware.Agent

Path: C:\Documents and Settings\DENDECKER\Local Settings\Temp\aupd.exe

Risk: Low

 

Name: Not-A-Virus.Adware.Agent

Path: C:\Documents and Settings\DENDECKER\Local Settings\Temp\tmp60.tmp.exe

Risk: Low

 

Name: Downloader.Agent.gzp

Path: C:\Documents and Settings\DENDECKER\Local Settings\Temp\WinBuninstaller.exe

Risk: High

 

Name: Downloader.Agent.fwr

Path: C:\Documents and Settings\DENDECKER\Local Settings\Temp\WinButler.exe

Risk: High

 

Name: Dropper.Agent.dkn

Path: C:\Documents and Settings\DENDECKER\Mes documents\Flight Simulator 9\Setup.exe

Risk: High

 

Name: Adware.PowerSearch

Path: C:\Program Files\Hijackthis\hijackthis\backups\backup-20080129-231919-931.dll

Risk: Medium

 

Name: Not-A-Virus.Adware.Agent

Path: C:\QooBox\Quarantine\C\WINDOWS\system32\nsn31.dll.vir

Risk: Low

 

Name: Adware.PowerSearch

Path: C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP10\A0001263.dll

Risk: Medium

 

Name: Downloader.Agent.gzp

Path: C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP10\A0001266.exe

Risk: High

 

Name: Downloader.Agent.fwr

Path: C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP10\A0001267.exe

Risk: High

 

Name: Not-A-Virus.Adware.Agent

Path: C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP7\A0000197.dll

Risk: Low

 

Name: Not-A-Virus.Adware.Agent

Path: C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP7\A0000207.dll

Risk: Low

 

Name: Not-A-Virus.Adware.Agent

Path: C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP7\A0000217.dll

Risk: Low

 

Name: Not-A-Virus.Adware.Agent

Path: C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP8\A0000225.dll

Risk: Low

fred62200 Mega Power Member

fred62200

Posté(e)
  • Auteur
Posté(e)

Voila le rapport ComboFix :

 

ComboFix 08-01-29.3 - DENDECKER 2008-01-29 17:59:44.1 - NTFSx86

Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.141 [GMT 1:00]

Endroit: C:\Documents and Settings\DENDECKER\Bureau\ComboFix.exe

* Création d'un nouveau point de restauration

.

 

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

 

C:\WINDOWS\system32\nsn31.dll

C:\WINDOWS\system32\substpntx8.dll

 

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

 

.

-------\poof

 

 

((((((((((((((((((((((((((((( Fichiers cr‚‚s 2007-12-28 to 2008-01-29 ))))))))))))))))))))))))))))))))))))

.

 

2008-01-29 11:54 . 2008-01-29 11:54 8,927,828 --a------ C:\upload_moi_ALBERT.tar.gz

2008-01-28 18:58 . 2008-01-28 18:58 <REP> d-------- C:\Program Files\dbar

2008-01-28 18:58 . 2008-01-28 18:58 <REP> d-------- C:\Documents and Settings\DENDECKER\Application Data\Deskbar_{941792BD-1B18-4c50-AEB2-4288265AC614}

2008-01-27 20:55 . 2008-01-28 21:06 <REP> d-------- C:\Program Files\winvi

2008-01-25 17:25 . 2008-01-25 17:25 63,488 --a------ C:\WINDOWS\xobglu16.dll

2008-01-25 17:25 . 2008-01-25 17:25 23,552 --a------ C:\WINDOWS\xobglu32.dll

2008-01-23 20:51 . 2008-01-23 20:51 <REP> d-------- C:\Program Files\Illustrate

2008-01-23 20:51 . 2007-02-02 01:52 4,131,192 --a------ C:\WINDOWS\system32\SpoonUninstall.exe

2008-01-23 20:51 . 2008-01-23 20:50 33,846 --a------ C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Music Converter.bmp

2008-01-23 20:51 . 2008-01-23 20:51 13,083 --a------ C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Music Converter.dat

2008-01-23 14:40 . 1997-02-26 22:57 1,334,032 --------- C:\WINDOWS\Msvbvm50.dll

2008-01-23 14:40 . 1999-05-23 15:28 967,168 --------- C:\WINDOWS\dirapi.dll

2008-01-23 14:40 . 1999-05-05 22:22 598,288 --------- C:\WINDOWS\Oleaut32.dll

2008-01-23 14:40 . 1999-05-23 15:26 394,752 --------- C:\WINDOWS\Iml32.dll

2008-01-23 14:40 . 1997-02-26 22:57 192,272 --------- C:\WINDOWS\Mci32.ocx

2008-01-15 16:33 . 2008-01-15 16:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion

2008-01-15 16:31 . 2008-01-15 16:31 <REP> d-------- C:\Program Files\Yahoo!

2008-01-15 16:31 . 2008-01-15 16:32 <REP> d-------- C:\Program Files\CCleaner

2008-01-10 21:05 . 2008-01-10 21:05 <REP> d-------- C:\Program Files\eMule 0.47c

2008-01-02 15:00 . 2008-01-02 15:00 1,409 --a------ C:\WINDOWS\system32\tmp57367.FOT

2008-01-02 15:00 . 2008-01-02 15:00 1,409 --a------ C:\WINDOWS\system32\tmp55367.FOT

2008-01-02 15:00 . 2008-01-02 15:00 1,409 --a------ C:\WINDOWS\system32\tmp48367.FOT

2008-01-02 15:00 . 2008-01-02 15:00 1,409 --a------ C:\WINDOWS\system32\tmp3A367.FOT

2007-12-30 17:54 . 2007-12-30 19:04 <REP> d-------- C:\Extra M.A.M.E

2007-12-30 15:37 . 2007-12-30 18:38 80,097 --a------ C:\WINDOWS\system32\dcads-remove.exe

2007-12-30 14:59 . 2007-12-30 14:59 <REP> d-------- C:\Program Files\vso

2007-12-30 14:59 . 2007-12-30 14:59 39,488 --a------ C:\WINDOWS\system32\drivers\Pcouffin.sys

2007-12-29 16:00 . 2008-01-29 10:39 <REP> d-------- C:\Documents and Settings\DENDECKER\Application Data\WinButler

 

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-01-29 17:07 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared

2008-01-29 16:38 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec

2008-01-26 15:35 --------- d-----w C:\Program Files\PokerStars

2008-01-23 13:41 --------- d--h--w C:\Program Files\InstallShield Installation Information

2008-01-23 13:39 --------- d-----w C:\Program Files\Disney Interactive

2008-01-20 17:46 --------- d-----w C:\Program Files\Warcraft III

2007-12-29 17:08 --------- d-----w C:\Program Files\Microsoft Games

2007-12-26 21:50 --------- d-----w C:\Program Files\Shareaza

2007-12-26 21:50 --------- d-----w C:\Documents and Settings\DENDECKER\Application Data\Shareaza

2007-12-26 12:58 44,238 ----a-w C:\WINDOWS\system32\drivers\memsysdrv.sys

2007-12-24 14:38 --------- d-----w C:\Documents and Settings\DENDECKER\Application Data\DivX

2007-12-24 14:13 --------- d-----w C:\Program Files\Google

2007-12-24 14:10 --------- d-----w C:\Program Files\DivX

2007-12-23 18:02 --------- d-----w C:\Program Files\Nouveau dossier

2007-12-22 19:55 --------- d-----w C:\Program Files\Fichiers communs\Macromedia

2007-12-22 19:54 --------- d-----w C:\Program Files\Macromedia

2007-12-18 18:07 --------- d-----w C:\Documents and Settings\DENDECKER\Application Data\AdobeUM

2007-12-17 22:51 --------- d-----w C:\Program Files\PSCS2Updater

2007-12-17 22:21 --------- d-----w C:\Program Files\Fichiers communs\Adobe

2007-12-17 22:17 --------- d-----w C:\Program Files\Fichiers communs\Adobe Systems Shared

2007-12-17 22:17 --------- d-----w C:\Documents and Settings\All Users\Application Data\Adobe Systems

2007-12-16 16:36 --------- d-----w C:\Documents and Settings\DENDECKER\Application Data\AdobeAUM

2007-12-09 19:25 --------- d-----w C:\Documents and Settings\DENDECKER\Application Data\Apple Computer

2007-12-09 19:21 --------- d-----w C:\Program Files\QuickTime

2007-12-09 18:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer

2007-12-09 11:58 --------- d-----w C:\Documents and Settings\All Users\Application Data\FLEXnet

2007-12-05 10:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\DVD Shrink

2007-12-05 09:36 805 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.INF

2007-12-05 09:36 123,952 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.SYS

2007-12-05 09:36 10,740 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.CAT

2007-12-05 09:36 --------- d-----w C:\Program Files\Symantec

2007-12-05 09:35 --------- d-----w C:\Program Files\Norton Internet Security

2007-12-04 19:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\CyberLink

2007-11-30 22:57 43,696 ----a-w C:\WINDOWS\system32\drivers\srtspx.sys

2007-11-30 22:57 317,616 ----a-w C:\WINDOWS\system32\drivers\srtspl.sys

2007-11-30 22:57 279,088 ----a-w C:\WINDOWS\system32\drivers\srtsp.sys

2007-11-30 22:57 10,549 ----a-w C:\WINDOWS\system32\drivers\srtspx.cat

2007-11-30 22:57 10,549 ----a-w C:\WINDOWS\system32\drivers\srtspl.cat

2007-11-30 22:57 10,545 ----a-w C:\WINDOWS\system32\drivers\srtsp.cat

2007-11-30 22:57 1,430 ----a-w C:\WINDOWS\system32\drivers\srtspl.inf

2007-11-30 22:57 1,421 ----a-w C:\WINDOWS\system32\drivers\srtspx.inf

2007-11-30 22:57 1,415 ----a-w C:\WINDOWS\system32\drivers\srtsp.inf

2007-11-29 23:30 --------- d-----w C:\Program Files\Windows Live

2007-10-04 20:03 49,245,328 ----a-w C:\Program Files\Install_NortonInternetSecurity_FR.exe

2007-09-19 19:16 42,641,512 ----a-w C:\Program Files\Install_NortonAntiVirus2007_FR.exe

2004-09-20 20:23 2,974 ----a-w C:\Program Files\orion.nfo

2004-07-16 18:52 0 ----a-w C:\Program Files\infra-red.da.ru

2004-07-13 15:47 9,692 ----a-w C:\Program Files\infra-red.nfo

2007-03-15 20:21 8 --sh--r C:\WINDOWS\system32\D7ED7B0402.sys

.

 

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

REGEDIT4

*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D}]

2004-03-17 11:22 820736 --a------ C:\WINDOWS\system32\pbfrv2.dll

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CC11617C-259E-429c-9063-7D70B8355EBD}]

2007-11-14 14:36 1486848 --a------ C:\Program Files\dbar\Deskbar.dll

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D}

{EE5D279F-081B-4404-994D-C6B60AAEBA6D}

{2318C2B1-4965-11D4-9B18-009027A5CD4F}

{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}

{EF99BD32-C1FB-11D2-892F-0090271D4F88}

 

[HKEY_CLASSES_ROOT\clsid\{4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d}]

[HKEY_CLASSES_ROOT\pbfrv2.PBFRV2]

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D}"= C:\WINDOWS\system32\pbfrv2.dll [2004-03-17 11:22 820736]

 

[HKEY_CLASSES_ROOT\clsid\{4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d}]

[HKEY_CLASSES_ROOT\pbfrv2.PBFRV2]

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00 15360]

"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45 313472]

"WinButler"="C:\Documents and Settings\DENDECKER\Application Data\WinButler\WinButler.exe" [2007-11-29 21:00 180736]

"WinUpdater"="C:\Program Files\winvi\update.exe" [2008-01-21 17:37 174232]

"WebSUpdater"="C:\Program Files\winvi\wupda.exe" [2008-01-21 17:37 198185]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-05 13:00 208952]

"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 13:00 455168]

"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 13:00 455168]

"VTTimer"="VTTimer.exe" [2004-03-26 13:07 49152 C:\WINDOWS\system32\VTTimer.exe]

"SoundMan"="SOUNDMAN.EXE" [2004-05-14 14:47 67072 C:\WINDOWS\SOUNDMAN.EXE]

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]

"PCMService"="c:\Apps\Powercinema\PCMService.exe" [2005-01-28 10:10 110740]

"EPSON Stylus DX3800 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.exe" [2005-02-08 05:00 98304]

"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2005-05-04 12:17 180269]

"UserFaultCheck"="C:\WINDOWS\system32\dumprep 0 -u" [ ]

"StandardInstall"="" []

"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2006-11-21 18:38 35328]

"ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2007-02-19 18:25 115816]

"osCheck"="C:\Program Files\Norton Internet Security\osCheck.exe" [2007-02-19 18:24 771704]

"Symantec PIF AlertEng"="C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 09:22 517768]

"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-12-09 19:55 155648]

"dbar_starter"="C:\Documents and Settings\DENDECKER\Application Data\Deskbar_{941792BD-1B18-4c50-AEB2-4288265AC614}\starter.exe" [ ]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00 15360]

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"NoStartMenuPinnedList"= 0 (0x0)

"NoStartMenuMFUprogramsList"= 0 (0x0)

"NoUserNameInStartMenu"= 0 (0x0)

"NoStartMenuSubFolders"= 0 (0x0)

"NoCommonGroups"= 0 (0x0)

"NoPrinterTabs"= 0 (0x0)

"NoDeletePrinter"= 0 (0x0)

"NoAddPrinter"= 0 (0x0)

"NoPrinters"= 0 (0x0)

"NoFavoritesMenu"= 0 (0x0)

"NoSetFolders"= 0 (0x0)

"NoToolbarCustomize"= 0 (0x0)

"NoRecentDocsNetHood"= 0 (0x0)

"NoChangeAnimation"= 0 (0x0)

"NoChangeKeyboardNavigationIndicators"= 0 (0x0)

"ForceActiveDesktopOn"= 1

 

S3 memsysdrv;Memory System;C:\WINDOWS\system32\drivers\memsysdrv.sys [2007-12-26 13:58]

 

*Newly Created Service* - COMHOST

.

Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'

"2008-01-29 17:00:01 C:\WINDOWS\Tasks\HDReg.job"

- c:\Apps\HDReg\HDRegRem.exe

"2008-01-28 19:00:05 C:\WINDOWS\Tasks\Norton Internet Security Online - Analyse système complète - DENDECKER.job"

 

Pour le message Attention erreur systeme : nom en double sur le réseau :

Il n'y a pas plus de précisons (meme quand je clique sur le message).

fred62200 Mega Power Member

fred62200

Posté(e)
  • Auteur
Posté(e)

J'ai remis ma page d'accueil Internet habituelle : ça marche : la page de pub ne revient pas.

Par contre un carré blanc sur fond bleu avec une liste de liens s'est installé comme image d'arrière-plan de mon bureau. En plus, dans le panneau de configuration, je n'ai plus accès aux différentes images d'arrière-plan (la fenêtre est grisée et inactive, pourtant les images sont bien la mais je ne peux pas les remettre).

 

Voila le rapport ComboFix :

 

ComboFix 08-01-29.3 - DENDECKER 2008-01-29 17:59:44.1 - NTFSx86

Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.141 [GMT 1:00]

Endroit: C:\Documents and Settings\DENDECKER\Bureau\ComboFix.exe

* Création d'un nouveau point de restauration

.

 

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

 

C:\WINDOWS\system32\nsn31.dll

C:\WINDOWS\system32\substpntx8.dll

 

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

 

.

-------\poof

((((((((((((((((((((((((((((( Fichiers cr‚‚s 2007-12-28 to 2008-01-29 ))))))))))))))))))))))))))))))))))))

.

 

2008-01-29 11:54 . 2008-01-29 11:54 8,927,828 --a------ C:\upload_moi_ALBERT.tar.gz

2008-01-28 18:58 . 2008-01-28 18:58 <REP> d-------- C:\Program Files\dbar

2008-01-28 18:58 . 2008-01-28 18:58 <REP> d-------- C:\Documents and Settings\DENDECKER\Application Data\Deskbar_{941792BD-1B18-4c50-AEB2-4288265AC614}

2008-01-27 20:55 . 2008-01-28 21:06 <REP> d-------- C:\Program Files\winvi

2008-01-25 17:25 . 2008-01-25 17:25 63,488 --a------ C:\WINDOWS\xobglu16.dll

2008-01-25 17:25 . 2008-01-25 17:25 23,552 --a------ C:\WINDOWS\xobglu32.dll

2008-01-23 20:51 . 2008-01-23 20:51 <REP> d-------- C:\Program Files\Illustrate

2008-01-23 20:51 . 2007-02-02 01:52 4,131,192 --a------ C:\WINDOWS\system32\SpoonUninstall.exe

2008-01-23 20:51 . 2008-01-23 20:50 33,846 --a------ C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Music Converter.bmp

2008-01-23 20:51 . 2008-01-23 20:51 13,083 --a------ C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Music Converter.dat

2008-01-23 14:40 . 1997-02-26 22:57 1,334,032 --------- C:\WINDOWS\Msvbvm50.dll

2008-01-23 14:40 . 1999-05-23 15:28 967,168 --------- C:\WINDOWS\dirapi.dll

2008-01-23 14:40 . 1999-05-05 22:22 598,288 --------- C:\WINDOWS\Oleaut32.dll

2008-01-23 14:40 . 1999-05-23 15:26 394,752 --------- C:\WINDOWS\Iml32.dll

2008-01-23 14:40 . 1997-02-26 22:57 192,272 --------- C:\WINDOWS\Mci32.ocx

2008-01-15 16:33 . 2008-01-15 16:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion

2008-01-15 16:31 . 2008-01-15 16:31 <REP> d-------- C:\Program Files\Yahoo!

2008-01-15 16:31 . 2008-01-15 16:32 <REP> d-------- C:\Program Files\CCleaner

2008-01-10 21:05 . 2008-01-10 21:05 <REP> d-------- C:\Program Files\eMule 0.47c

2008-01-02 15:00 . 2008-01-02 15:00 1,409 --a------ C:\WINDOWS\system32\tmp57367.FOT

2008-01-02 15:00 . 2008-01-02 15:00 1,409 --a------ C:\WINDOWS\system32\tmp55367.FOT

2008-01-02 15:00 . 2008-01-02 15:00 1,409 --a------ C:\WINDOWS\system32\tmp48367.FOT

2008-01-02 15:00 . 2008-01-02 15:00 1,409 --a------ C:\WINDOWS\system32\tmp3A367.FOT

2007-12-30 17:54 . 2007-12-30 19:04 <REP> d-------- C:\Extra M.A.M.E

2007-12-30 15:37 . 2007-12-30 18:38 80,097 --a------ C:\WINDOWS\system32\dcads-remove.exe

2007-12-30 14:59 . 2007-12-30 14:59 <REP> d-------- C:\Program Files\vso

2007-12-30 14:59 . 2007-12-30 14:59 39,488 --a------ C:\WINDOWS\system32\drivers\Pcouffin.sys

2007-12-29 16:00 . 2008-01-29 10:39 <REP> d-------- C:\Documents and Settings\DENDECKER\Application Data\WinButler

 

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-01-29 17:07 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared

2008-01-29 16:38 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec

2008-01-26 15:35 --------- d-----w C:\Program Files\PokerStars

2008-01-23 13:41 --------- d--h--w C:\Program Files\InstallShield Installation Information

2008-01-23 13:39 --------- d-----w C:\Program Files\Disney Interactive

2008-01-20 17:46 --------- d-----w C:\Program Files\Warcraft III

2007-12-29 17:08 --------- d-----w C:\Program Files\Microsoft Games

2007-12-26 21:50 --------- d-----w C:\Program Files\Shareaza

2007-12-26 21:50 --------- d-----w C:\Documents and Settings\DENDECKER\Application Data\Shareaza

2007-12-26 12:58 44,238 ----a-w C:\WINDOWS\system32\drivers\memsysdrv.sys

2007-12-24 14:38 --------- d-----w C:\Documents and Settings\DENDECKER\Application Data\DivX

2007-12-24 14:13 --------- d-----w C:\Program Files\Google

2007-12-24 14:10 --------- d-----w C:\Program Files\DivX

2007-12-23 18:02 --------- d-----w C:\Program Files\Nouveau dossier

2007-12-22 19:55 --------- d-----w C:\Program Files\Fichiers communs\Macromedia

2007-12-22 19:54 --------- d-----w C:\Program Files\Macromedia

2007-12-18 18:07 --------- d-----w C:\Documents and Settings\DENDECKER\Application Data\AdobeUM

2007-12-17 22:51 --------- d-----w C:\Program Files\PSCS2Updater

2007-12-17 22:21 --------- d-----w C:\Program Files\Fichiers communs\Adobe

2007-12-17 22:17 --------- d-----w C:\Program Files\Fichiers communs\Adobe Systems Shared

2007-12-17 22:17 --------- d-----w C:\Documents and Settings\All Users\Application Data\Adobe Systems

2007-12-16 16:36 --------- d-----w C:\Documents and Settings\DENDECKER\Application Data\AdobeAUM

2007-12-09 19:25 --------- d-----w C:\Documents and Settings\DENDECKER\Application Data\Apple Computer

2007-12-09 19:21 --------- d-----w C:\Program Files\QuickTime

2007-12-09 18:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer

2007-12-09 11:58 --------- d-----w C:\Documents and Settings\All Users\Application Data\FLEXnet

2007-12-05 10:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\DVD Shrink

2007-12-05 09:36 805 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.INF

2007-12-05 09:36 123,952 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.SYS

2007-12-05 09:36 10,740 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.CAT

2007-12-05 09:36 --------- d-----w C:\Program Files\Symantec

2007-12-05 09:35 --------- d-----w C:\Program Files\Norton Internet Security

2007-12-04 19:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\CyberLink

2007-11-30 22:57 43,696 ----a-w C:\WINDOWS\system32\drivers\srtspx.sys

2007-11-30 22:57 317,616 ----a-w C:\WINDOWS\system32\drivers\srtspl.sys

2007-11-30 22:57 279,088 ----a-w C:\WINDOWS\system32\drivers\srtsp.sys

2007-11-30 22:57 10,549 ----a-w C:\WINDOWS\system32\drivers\srtspx.cat

2007-11-30 22:57 10,549 ----a-w C:\WINDOWS\system32\drivers\srtspl.cat

2007-11-30 22:57 10,545 ----a-w C:\WINDOWS\system32\drivers\srtsp.cat

2007-11-30 22:57 1,430 ----a-w C:\WINDOWS\system32\drivers\srtspl.inf

2007-11-30 22:57 1,421 ----a-w C:\WINDOWS\system32\drivers\srtspx.inf

2007-11-30 22:57 1,415 ----a-w C:\WINDOWS\system32\drivers\srtsp.inf

2007-11-29 23:30 --------- d-----w C:\Program Files\Windows Live

2007-10-04 20:03 49,245,328 ----a-w C:\Program Files\Install_NortonInternetSecurity_FR.exe

2007-09-19 19:16 42,641,512 ----a-w C:\Program Files\Install_NortonAntiVirus2007_FR.exe

2004-09-20 20:23 2,974 ----a-w C:\Program Files\orion.nfo

2004-07-16 18:52 0 ----a-w C:\Program Files\infra-red.da.ru

2004-07-13 15:47 9,692 ----a-w C:\Program Files\infra-red.nfo

2007-03-15 20:21 8 --sh--r C:\WINDOWS\system32\D7ED7B0402.sys

.

 

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

REGEDIT4

*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D}]

2004-03-17 11:22 820736 --a------ C:\WINDOWS\system32\pbfrv2.dll

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CC11617C-259E-429c-9063-7D70B8355EBD}]

2007-11-14 14:36 1486848 --a------ C:\Program Files\dbar\Deskbar.dll

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D}

{EE5D279F-081B-4404-994D-C6B60AAEBA6D}

{2318C2B1-4965-11D4-9B18-009027A5CD4F}

{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}

{EF99BD32-C1FB-11D2-892F-0090271D4F88}

 

[HKEY_CLASSES_ROOT\clsid\{4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d}]

[HKEY_CLASSES_ROOT\pbfrv2.PBFRV2]

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D}"= C:\WINDOWS\system32\pbfrv2.dll [2004-03-17 11:22 820736]

 

[HKEY_CLASSES_ROOT\clsid\{4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d}]

[HKEY_CLASSES_ROOT\pbfrv2.PBFRV2]

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00 15360]

"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45 313472]

"WinButler"="C:\Documents and Settings\DENDECKER\Application Data\WinButler\WinButler.exe" [2007-11-29 21:00 180736]

"WinUpdater"="C:\Program Files\winvi\update.exe" [2008-01-21 17:37 174232]

"WebSUpdater"="C:\Program Files\winvi\wupda.exe" [2008-01-21 17:37 198185]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-05 13:00 208952]

"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 13:00 455168]

"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 13:00 455168]

"VTTimer"="VTTimer.exe" [2004-03-26 13:07 49152 C:\WINDOWS\system32\VTTimer.exe]

"SoundMan"="SOUNDMAN.EXE" [2004-05-14 14:47 67072 C:\WINDOWS\SOUNDMAN.EXE]

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]

"PCMService"="c:\Apps\Powercinema\PCMService.exe" [2005-01-28 10:10 110740]

"EPSON Stylus DX3800 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.exe" [2005-02-08 05:00 98304]

"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2005-05-04 12:17 180269]

"UserFaultCheck"="C:\WINDOWS\system32\dumprep 0 -u" [ ]

"StandardInstall"="" []

"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2006-11-21 18:38 35328]

"ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2007-02-19 18:25 115816]

"osCheck"="C:\Program Files\Norton Internet Security\osCheck.exe" [2007-02-19 18:24 771704]

"Symantec PIF AlertEng"="C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 09:22 517768]

"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-12-09 19:55 155648]

"dbar_starter"="C:\Documents and Settings\DENDECKER\Application Data\Deskbar_{941792BD-1B18-4c50-AEB2-4288265AC614}\starter.exe" [ ]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00 15360]

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"NoStartMenuPinnedList"= 0 (0x0)

"NoStartMenuMFUprogramsList"= 0 (0x0)

"NoUserNameInStartMenu"= 0 (0x0)

"NoStartMenuSubFolders"= 0 (0x0)

"NoCommonGroups"= 0 (0x0)

"NoPrinterTabs"= 0 (0x0)

"NoDeletePrinter"= 0 (0x0)

"NoAddPrinter"= 0 (0x0)

"NoPrinters"= 0 (0x0)

"NoFavoritesMenu"= 0 (0x0)

"NoSetFolders"= 0 (0x0)

"NoToolbarCustomize"= 0 (0x0)

"NoRecentDocsNetHood"= 0 (0x0)

"NoChangeAnimation"= 0 (0x0)

"NoChangeKeyboardNavigationIndicators"= 0 (0x0)

"ForceActiveDesktopOn"= 1

 

S3 memsysdrv;Memory System;C:\WINDOWS\system32\drivers\memsysdrv.sys [2007-12-26 13:58]

 

*Newly Created Service* - COMHOST

.

Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'

"2008-01-29 17:00:01 C:\WINDOWS\Tasks\HDReg.job"

- c:\Apps\HDReg\HDRegRem.exe

"2008-01-28 19:00:05 C:\WINDOWS\Tasks\Norton Internet Security Online - Analyse système complète - DENDECKER.job"

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...