Problème

[Back]

re re

 

 

 

"Silent Runners.vbs", revision 45, http://www.silentrunners.org/

Operating System: Windows XP SP2

Output limited to non-default values, except where indicated by "{++}"

 

 

Startup items buried in registry:

---------------------------------

 

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}

"CTFMON.EXE" = "C:\WINDOWS\system32\ctfmon.exe" [MS]

"PowerBar" = (empty string)

"Steam" = "C:\Program Files\Valve\Steam\Steam.exe -silent" ["Valve Corporation"]

"a-squared" = ""C:\Program Files\a2\a2guard.exe"" [file not found]

"WOOKIT" = "C:\PROGRA~1\Wanadoo\GestMaj.exe EspaceWanadoo.exe" ["France Télécom R&D"]

"NBJ" = ""C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"" ["Ahead Software AG"]

"msnmsgr" = ""C:\Program Files\MSN Messenger\msnmsgr.exe" /background" [MS]

 

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}

"SchedulingAgent" = "mstinit.exe /firstlogon" [MS]

"farstone" = (empty string)

"RestoreIT!" = ""C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" VBStart" ["FarStone Tech. Inc."]

"NvCplDaemon" = "RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup" [MS]

"nwiz" = "nwiz.exe /install" ["NVIDIA Corporation"]

"NvMediaCenter" = "RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit" [MS]

"Raccourci vers la page des propriétés de High Definition Audio" = "HDAudPropShortcut.exe" ["Windows ® Server 2003 DDK provider"]

"Cmaudio" = "RunDll32 cmicnfg.cpl,CMICtrlWnd" [MS]

"fenaffiche" = "C:\Program Files\FenAffiche\Fenpowernet.exe" [null data]

"WOOWATCH" = "C:\PROGRA~1\Wanadoo\Watch.exe" ["France Télécom R&D"]

"WOOTASKBARICON" = "C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe" ["France Télécom R&D"]

"SunJavaUpdateSched" = "C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe" [null data]

"AGRSMMSG" = "AGRSMMSG.exe" ["Agere Systems"]

"LVCOMS" = "C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE" ["Logitech Inc."]

"LogitechGalleryRepair" = "C:\Program Files\Logitech\ImageStudio\ISStart.exe" ["Logitech Inc."]

"LogitechImageStudioTray" = "C:\Program Files\Logitech\ImageStudio\LogiTray.exe" ["Logitech Inc."]

"QuickTime Task" = ""C:\Program Files\QuickTime\qttask.exe" -atboottime" ["Apple Computer, Inc."]

"TkBellExe" = ""C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot" ["RealNetworks, Inc."]

"F-Secure Manager" = ""C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE" /splash" ["F-Secure Corporation"]

"F-Secure TNB" = ""C:\Program Files\Securitoo\av_fw\TNB\TNBUtil.exe" /CHECKALL" ["F-Secure Corporation"]

"NeroFilterCheck" = "C:\WINDOWS\system32\NeroCheck.exe" ["Ahead Software Gmbh"]

 

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided)

-> {HKLM...CLSID} = "AcroIEHlprObj Class"

\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]

{AA58ED58-01DD-4d91-8333-CF10577473F7}\(Default) = (no title provided)

-> {HKLM...CLSID} = "Google Toolbar Helper"

\InProcServer32\(Default) = "c:\program files\google\googletoolbar2.dll" ["Google Inc."]

 

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Extension Affichage Panorama du Panneau de configuration"

-> {HKLM...CLSID} = "Extension Affichage Panorama du Panneau de configuration"

\InProcServer32\(Default) = "deskpan.dll" [file not found]

"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Extension icône HyperTerminal"

-> {HKLM...CLSID} = "HyperTerminal Icon Ext"

\InProcServer32\(Default) = "C:\WINDOWS\System32\hticons.dll" ["Hilgraeve, Inc."]

"{A70C977A-BF00-412C-90B7-034C51DA2439}" = "NvCpl DesktopContext Class"

-> {HKLM...CLSID} = "DesktopContext Class"

\InProcServer32\(Default) = "C:\WINDOWS\System32\nvcpl.dll" ["NVIDIA Corporation"]

"{FFB699E0-306A-11d3-8BD1-00104B6F7516}" = "Play on my TV helper"

-> {HKLM...CLSID} = "NVIDIA CPL Extension"

\InProcServer32\(Default) = "C:\WINDOWS\System32\nvcpl.dll" ["NVIDIA Corporation"]

"{1CDB2949-8F65-4355-8456-263E7C208A5D}" = "Desktop Explorer"

-> {HKLM...CLSID} = "Desktop Explorer"

\InProcServer32\(Default) = "C:\WINDOWS\System32\nvshell.dll" ["NVIDIA Corporation"]

"{1E9B04FB-F9E5-4718-997B-B8DA88302A47}" = "Desktop Explorer Menu"

-> {HKLM...CLSID} = (no title provided)

\InProcServer32\(Default) = "C:\WINDOWS\System32\nvshell.dll" ["NVIDIA Corporation"]

"{1E9B04FB-F9E5-4718-997B-B8DA88302A48}" = "nView Desktop Context Menu"

-> {HKLM...CLSID} = "nView Desktop Context Menu"

\InProcServer32\(Default) = "C:\WINDOWS\System32\nvshell.dll" ["NVIDIA Corporation"]

"{00020D75-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Desktop Icon Handler"

-> {HKLM...CLSID} = "Microsoft Office Outlook"

\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL" [MS]

"{0006F045-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Custom Icon Handler"

-> {HKLM...CLSID} = "Outlook File Icon Extension"

\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL" [MS]

"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"

-> {HKLM...CLSID} = (no title provided)

\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\OFFICE11\msohev.dll" [MS]

"{32020A01-506E-484D-A2A8-BE3CF17601C3}" = "AlcoholShellEx"

-> {HKLM...CLSID} = "AlcoholShellEx"

\InProcServer32\(Default) = "C:\PROGRA~1\ALCOHO~1\ALCOHO~1\AXShlEx.dll" ["Alcohol Soft Development Team"]

"{640167b4-59b0-47a6-b335-a6b3c0695aea}" = "Portable Media Devices"

-> {HKLM...CLSID} = "Portable Media Devices"

\InProcServer32\(Default) = "C:\WINDOWS\system32\Audiodev.dll" [MS]

"{cc86590a-b60a-48e6-996b-41d25ed39a1e}" = "Portable Media Devices Menu"

-> {HKLM...CLSID} = "Portable Media Devices Menu"

\InProcServer32\(Default) = "C:\WINDOWS\system32\Audiodev.dll" [MS]

"{B446400D-0030-457b-8F64-422A19605186}" = "Logitech Gallery"

-> {HKLM...CLSID} = "Logitech Gallery"

\InProcServer32\(Default) = "C:\Program Files\Logitech\ImageStudio\NameSpc.dll" ["Logitech Inc."]

"{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}" = "Shell Extensions for RealOne Player"

-> {HKLM...CLSID} = "RealOne Player Context Menu Class"

\InProcServer32\(Default) = "C:\Program Files\Real\RealPlayer\rpshell.dll" ["RealNetworks, Inc."]

"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"

-> {HKLM...CLSID} = "WinRAR"

\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

"{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" = "OpenOffice.org Column Handler"

-> {HKLM...CLSID} = (no title provided)

\InProcServer32\(Default) = ""C:\Program Files\OpenOffice.org 2.0\program\shlxthdl.dll"" ["Sun Microsystems, Inc."]

"{087B3AE3-E237-4467-B8DB-5A38AB959AC9}" = "OpenOffice.org Infotip Handler"

-> {HKLM...CLSID} = (no title provided)

\InProcServer32\(Default) = ""C:\Program Files\OpenOffice.org 2.0\program\shlxthdl.dll"" ["Sun Microsystems, Inc."]

"{63542C48-9552-494A-84F7-73AA6A7C99C1}" = "OpenOffice.org Property Sheet Handler"

-> {HKLM...CLSID} = (no title provided)

\InProcServer32\(Default) = ""C:\Program Files\OpenOffice.org 2.0\program\shlxthdl.dll"" ["Sun Microsystems, Inc."]

"{3B092F0C-7696-40E3-A80F-68D74DA84210}" = "OpenOffice.org Thumbnail Viewer"

-> {HKLM...CLSID} = (no title provided)

\InProcServer32\(Default) = ""C:\Program Files\OpenOffice.org 2.0\program\shlxthdl.dll"" ["Sun Microsystems, Inc."]

"{21569614-B795-46b1-85F4-E737A8DC09AD}" = "Shell Search Band"

-> {HKLM...CLSID} = "Shell Search Band"

\InProcServer32\(Default) = "C:\WINDOWS\system32\browseui.dll" [MS]

 

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\

INFECTION WARNING! "{54D9498B-CF93-414F-8984-8CE7FDE0D391}" = "ewido shell guard"

-> {HKLM...CLSID} = "CShellExecuteHookImpl Object"

\InProcServer32\(Default) = "C:\Program Files\ewido anti-malware\shellhook.dll" ["TODO: <Firmenname>"]

 

HKLM\Software\Classes\PROTOCOLS\Filter\

INFECTION WARNING! text/xml\CLSID = "{807553E5-5146-11D5-A672-00B0D022E945}"

-> {HKLM...CLSID} = (no title provided)

\InProcServer32\(Default) = "C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL" [MS]

 

HKLM\Software\Classes\Folder\shellex\ColumnHandlers\

{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\(Default) = "OpenOffice.org Column Handler"

-> {HKLM...CLSID} = (no title provided)

\InProcServer32\(Default) = ""C:\Program Files\OpenOffice.org 2.0\program\shlxthdl.dll"" ["Sun Microsystems, Inc."]

 

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"

-> {HKLM...CLSID} = "WinRAR"

\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

 

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"

-> {HKLM...CLSID} = "WinRAR"

\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

 

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"

-> {HKLM...CLSID} = "WinRAR"

\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

 

 

Active Desktop and Wallpaper:

-----------------------------

 

Active Desktop is disabled at this entry:

HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

 

HKCU\Control Panel\Desktop\

"Wallpaper" = "C:\Documents and Settings\Koopman's\Local Settings\Application Data\Microsoft\Wallpaper1.bmp"

 

 

Enabled Screen Saver:

---------------------

 

HKCU\Control Panel\Desktop\

"SCRNSAVE.EXE" = "C:\WINDOWS\System32\logon.scr" [MS]

 

 

Startup items in "Koopman's" & "All Users" startup folders:

-----------------------------------------------------------

 

C:\Documents and Settings\Koopman's\Menu Démarrer\Programmes\Démarrage

"OpenOffice.org 2.0" -> shortcut to: "C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe" [null data]

 

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage

"Adobe Gamma Loader.exe" -> shortcut to: "C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe" ["Adobe Systems, Inc."]

"DSLMON" -> shortcut to: "C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe /W" [empty string]

 

 

Enabled Scheduled Tasks:

------------------------

 

"A8548B8A903B08F2" -> launches: "c:\docume~1\koopma~1\applic~1\baitmo~1\sect iso curb.exe" [file not found]

 

 

Winsock2 Service Provider DLLs:

-------------------------------

 

Namespace Service Providers

 

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}

000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]

000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]

000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]

 

Transport Service Providers

 

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}

0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:

%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 25

%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05

 

 

Toolbars, Explorer Bars, Extensions:

------------------------------------

 

Toolbars

 

HKCU\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\

"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"

-> {HKLM...CLSID} = "&Google"

\InProcServer32\(Default) = "c:\program files\google\googletoolbar2.dll" ["Google Inc."]

 

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\

"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"

-> {HKLM...CLSID} = "&Google"

\InProcServer32\(Default) = "c:\program files\google\googletoolbar2.dll" ["Google Inc."]

 

HKLM\Software\Microsoft\Internet Explorer\Toolbar\

"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" = (no title provided)

-> {HKLM...CLSID} = "&Google"

\InProcServer32\(Default) = "c:\program files\google\googletoolbar2.dll" ["Google Inc."]

 

Explorer Bars

 

HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\

{21569614-B795-46B1-85F4-E737A8DC09AD}\(Default) = (no title provided)

-> {HKLM...CLSID} = "Shell Search Band"

\InProcServer32\(Default) = "C:\WINDOWS\system32\browseui.dll" [MS]

 

Extensions (Tools menu items, main toolbar menu buttons)

 

HKCU\Software\Microsoft\Internet Explorer\Extensions\

{1462651F-F4BA-4C76-A001-C4284D0FE16E}\

"ButtonText" = "Wanadoo"

"Exec" = "http://www.wanadoo.fr" [file not found]

 

 

Miscellaneous IE Hijack Points

------------------------------

 

C:\WINDOWS\INF\IERESET.INF (used to "Reset Web Settings")

 

Added lines (compared with English-language version):

[strings]: START_PAGE_URL=http://www.unika.com

[strings]: SAFESITE_VALUE="http://home.microsoft.com/intl/fr/"

 

Missing lines (compared with English-language version):

[strings]: 2 lines

 

HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\

"{08C06D61-F1F3-4799-86F8-BE1A89362C85}" = (no title provided)

-> {HKLM...CLSID} = "Search Class"

\InProcServer32\(Default) = "C:\PROGRA~1\Wanadoo\SEARCH~1.DLL" [empty string]

 

 

Running Services (Display Name, Service Name, Path {Service DLL}):

------------------------------------------------------------------

 

C-DillaCdaC11BA, C-DillaCdaC11BA, "C:\WINDOWS\system32\drivers\CDAC11BA.EXE" ["Macrovision"]

Canon Camera Access Library 8, CCALib8, "C:\Program Files\Canon\CAL\CALMAIN.exe" ["Canon Inc."]

Creative Service for CDROM Access, Creative Service for CDROM Access, "C:\WINDOWS\system32\CTsvcCDA.EXE" ["Creative Technology Ltd"]

ewido security suite control, ewido security suite control, "C:\Program Files\ewido anti-malware\ewidoctrl.exe" ["ewido networks"]

F-Secure Distributed Firewall Daemon, FSDFWD, ""C:\Program Files\Securitoo\av_fw\DFW\Program\fsdfwd.exe"" ["F-Secure Corporation"]

F-Secure Gatekeeper Handler Starter, F-Secure Gatekeeper Handler Starter, ""C:\Program Files\Securitoo\av_fw\Anti-Virus\fsgk32st.exe"" ["F-Secure Corp."]

F-Secure Management Agent, FSMA, ""C:\Program Files\Securitoo\av_fw\Common\FSMA32.EXE"" ["F-Secure Corporation"]

F-Secure Windows Security Center Legacy Detection Service, Fswsclds, "C:\Program Files\Securitoo\av_fw\fswsclds.exe" ["F-Secure Corporation"]

fsbwsys, fsbwsys, ""C:\Program Files\Securitoo\av_fw\backweb\1044199\program\fsbwsys.exe"" ["F-Secure Corp."]

NVIDIA Display Driver Service, NVSvc, "C:\WINDOWS\System32\nvsvc32.exe" ["NVIDIA Corporation"]

ScsiAccess, ScsiAccess, "C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe" [null data]

Securitoo AntiVirus Firewall, BackWeb Client - 1044199, "C:\PROGRA~1\SECURI~1\av_fw\backweb\1044199\Program\SERVIC~1.EXE" [null data]

StarWind iSCSI Service, StarWindService, "C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe" ["Rocket Division Software"]

Windows User Mode Driver Framework, UMWdf, "C:\WINDOWS\system32\wdfmgr.exe" [MS]

 

 

Print Monitors:

---------------

 

HKLM\System\CurrentControlSet\Control\Print\Monitors\

Canon BJ Language Monitor i350\Driver = "CNMLM53.DLL" ["CANON INC."]

Microsoft Document Imaging Writer Monitor\Driver = "mdimon.dll" [MS]

 

 

----------

+ This report excludes default entries except where indicated.

+ To see *everywhere* the script checks and *everything* it finds,

launch it from a command prompt or a shortcut with the -all parameter.

+ To search all directories of local fixed drives for DESKTOP.INI

DLL launch points and all Registry CLSIDs for dormant Explorer Bars,

use the -supp parameter or answer "No" at the first message box.

---------- (total run time: 28 seconds, including 3 seconds for message boxes)

[bruce lee]

re,

 

es tu sur d'avoir bien suivi les consignes? durant la procedure a tu rencontrer des problemes? as tu bien supprimer le dossier?

[Back]

Je n'ai pas rencontré de problèmes mais je pencherai plus pour la base de mon problème à un fichier supprimé inconsciemment...

SInon j'ai bien supprimé tous fichiers de VMN TOOLBAR et le fichier BAITMO mais après...^^'

J'avais oublié de le dire mais je pense c'est pas trop important, qu'il n'y avait plus ces fichiers à supprimer lors du rapport HijackThis:

 

O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL

O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL

Voilà sinon je vais poster une image du problème tout à l'heure !!

[bruce lee]

re,

 

SInon j'ai bien supprimé tous fichiers de VMN TOOLBAR et le fichier BAITMO mais après...^^

 

Si tu as bien supprimer tout le dossier BAITMO fais ceci:

 

Fais un scan en ligne avec http://webscanner.kaspersky.fr/

 

Sous Démonstration en ligne , on t'explique la marche à suivre , et pour lancer le scan il faut sélectionner Exécuter l'analyse en ligne .Le scan ne marche que sous Internet Explorer.

On va te demander de télécharger un contôle active x, accepte .

Dans le menu Choisissez la cible de l'analyse , sélectionne Poste de travail .

Le scan va commencer.Poste le rapport qui sera généré stp.

 

Si il y a un problème, assure toi que les contrôles active x sont bien configurés dans les options internet comme

 

décrit sur ce lien=> http://www.inoculer.com/activex.php3

[Back]

Je n'arrive pas à choisir poste de travail comme cible... voilà ma page

 

 

 

 

 

...et le message d'erreur (mon problème...) :

 

 

 

http://img509.imageshack.us/my.php?image=error0dk.png

Modifié le 7 juin 2006 par Back

[bruce lee]

re,

 

essaye celui la http://www.pandasoftware.com/activescan/fr...n_principal.htm

tuto pour panda http://www.monaco-pro.com/cool-life/tuto/panda/tuto.htm

 

a la fin du scan tu cliques sur "consulter le rapport",tu le sauvegardes et tu le posts.

[Back]

re,

 

 

 

Incident Statut Analyse

 

Outil indésirable:application/need2find No Désinfecté hkey_current_user\software\Need2Find

Outil indésirable:application/myway No Désinfecté hkey_local_machine\software\MyWay

Adware:adware/ist.yoursitebar No Désinfecté Registre Windows

Outil indésirable:application/altnet No Désinfecté hkey_classes_root\clsid\{B7156514-A76C-4545-9D5B-A4E1D02C7AEC}

Outil indésirable:application/regfreeze No Désinfecté hkey_current_user\software\actualresearch\RegistryFreeze

Adware:adware/ist.istbar No Désinfecté Registre Windows

Adware:adware/looksmart No Désinfecté Registre Windows

Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Koopman's\Application Data\Mozilla\Firefox\Profiles\ukyjgy5a.default\cookies.txt[.xiti.com/]

Spyware:Cookie/YieldManager No Désinfecté C:\Documents and Settings\Koopman's\Cookies\koopman's@ad.yieldmanager[1].txt

Spyware:Cookie/PointRoll No Désinfecté C:\Documents and Settings\Koopman's\Cookies\koopman's@ads.pointroll[1].txt

Spyware:Cookie/Advertising No Désinfecté C:\Documents and Settings\Koopman's\Cookies\koopman's@advertising[2].txt

Spyware:Cookie/Atlas DMT No Désinfecté C:\Documents and Settings\Koopman's\Cookies\koopman's@atdmt[2].txt

Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\Koopman's\Cookies\koopman's@bluestreak[1].txt

Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\Koopman's\Cookies\koopman's@doubleclick[1].txt

Spyware:Cookie/FastClick No Désinfecté C:\Documents and Settings\Koopman's\Cookies\koopman's@fastclick[2].txt

Spyware:Cookie/FastClick No Désinfecté C:\Documents and Settings\Koopman's\Cookies\koopman's@media.fastclick[2].txt

Spyware:Cookie/Mediaplex No Désinfecté C:\Documents and Settings\Koopman's\Cookies\koopman's@mediaplex[1].txt

Spyware:Cookie/QuestionMarket No Désinfecté C:\Documents and Settings\Koopman's\Cookies\koopman's@questionmarket[1].txt

Spyware:Cookie/Tradedoubler No Désinfecté C:\Documents and Settings\Koopman's\Cookies\koopman's@tradedoubler[1].txt

Spyware:Cookie/Tribalfusion No Désinfecté C:\Documents and Settings\Koopman's\Cookies\koopman's@tribalfusion[1].txt

Spyware:Cookie/Weborama No Désinfecté C:\Documents and Settings\Koopman's\Cookies\koopman's@weborama[2].txt

Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Koopman's\Cookies\koopman's@xiti[1].txt

Spyware:Cookie/Zedo No Désinfecté C:\Documents and Settings\Koopman's\Cookies\koopman's@zedo[1].txt

[bruce lee]

re,

 

tu es sur que tu as analyser tout le disque? je trouve le scan tres rapide.

[Back]

Il vient de buger je recommence...

[Back]

J'ai pris poste de travail a analyser et c'est je crois presque la même chose...

je tente les disques durs ... seuls...(ça marche pas toujours la même la chose...)

 

 

Incident Statut Analyse

 

Outil indésirable:application/need2find No Désinfecté hkey_current_user\software\Need2Find

Outil indésirable:application/myway No Désinfecté hkey_local_machine\software\MyWay

Adware:adware/ist.yoursitebar No Désinfecté Registre Windows

Outil indésirable:application/altnet No Désinfecté hkey_classes_root\clsid\{B7156514-A76C-4545-9D5B-A4E1D02C7AEC}

Outil indésirable:application/regfreeze No Désinfecté hkey_current_user\software\actualresearch\RegistryFreeze

Adware:adware/ist.istbar No Désinfecté Registre Windows

Adware:adware/looksmart No Désinfecté Registre Windows

Spyware:Cookie/Advertising No Désinfecté C:\Documents and Settings\Koopman's\Application Data\Mozilla\Firefox\Profiles\ukyjgy5a.default\cookies.txt[.advertising.com/]

Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Koopman's\Application Data\Mozilla\Firefox\Profiles\ukyjgy5a.default\cookies.txt[.xiti.com/]

Spyware:Cookie/YieldManager No Désinfecté C:\Documents and Settings\Koopman's\Cookies\koopman's@ad.yieldmanager[1].txt

Spyware:Cookie/PointRoll No Désinfecté C:\Documents and Settings\Koopman's\Cookies\koopman's@ads.pointroll[1].txt

Spyware:Cookie/Advertising No Désinfecté C:\Documents and Settings\Koopman's\Cookies\koopman's@advertising[2].txt

Spyware:Cookie/Atlas DMT No Désinfecté C:\Documents and Settings\Koopman's\Cookies\koopman's@atdmt[2].txt

Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\Koopman's\Cookies\koopman's@bluestreak[1].txt

Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\Koopman's\Cookies\koopman's@doubleclick[1].txt

Spyware:Cookie/FastClick No Désinfecté C:\Documents and Settings\Koopman's\Cookies\koopman's@fastclick[2].txt

Spyware:Cookie/FastClick No Désinfecté C:\Documents and Settings\Koopman's\Cookies\koopman's@media.fastclick[2].txt

Spyware:Cookie/Mediaplex No Désinfecté C:\Documents and Settings\Koopman's\Cookies\koopman's@mediaplex[1].txt

Spyware:Cookie/QuestionMarket No Désinfecté C:\Documents and Settings\Koopman's\Cookies\koopman's@questionmarket[1].txt

Spyware:Cookie/Serving-sys No Désinfecté C:\Documents and Settings\Koopman's\Cookies\koopman's@serving-sys[2].txt

Spyware:Cookie/Tradedoubler No Désinfecté C:\Documents and Settings\Koopman's\Cookies\koopman's@tradedoubler[1].txt

Spyware:Cookie/Tribalfusion No Désinfecté C:\Documents and Settings\Koopman's\Cookies\koopman's@tribalfusion[1].txt

Spyware:Cookie/Weborama No Désinfecté C:\Documents and Settings\Koopman's\Cookies\koopman's@weborama[2].txt

Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Koopman's\Cookies\koopman's@xiti[1].txt

Spyware:Cookie/Zedo No Désinfecté C:\Documents and Settings\Koopman's\Cookies\koopman's@zedo[1].txt

Modifié le 7 juin 2006 par Back