antivirus troj/agent-ayo

Recherche :

Mot : Pseudo : Filtrer
Bas de page
Auteur	Sujet : antivirus troj/agent-ayo

banania8

Bonjour,

J'ai un ordinateur avec Windows 2000 comme système d'exploitation qui est infecté par de nombreux virus (tous des Troj) tels que :
Troj/Agent-AYO
Troj/FakeAle-G

Pouvez-vous m'indiquer quel antivirus gratuit dois-je utiliser afin de supprimer ces virus et comment je dois m'y prendre?

Merci d'avance

Publicité

CleanDows

Salut banania8,

1) Quels sont les symptômes exacts de ta machine ?

2) Apparemment, tu utilises un outil de sécurité "Sophos"... qui ne parvient pas à éliminer l'infection...

A] Tu es pressé et tu veux juste retirer ces virus-là :

---> Redémarre en mode sans échec et lance un scan avec ton antivirus...
http://service1.symantec.com/suppo [...] 5112131924

B] Tu veux désinfecter complètement et en profondeur ton système :

---> Télécharge le programme '"HijackThis" : http://download.hijackthis.eu/hijackthis_199.zip, décompresse-le dans un dossier dédié, exécute "HijackThis.exe" et choisis l'option "Do A System Scan And Save A Log File"

---> Copie-colle le log (fichier texte) sur ce forum

---> Télécharge "Cleanup" de Steven Gould : http://www.stevengould.org/downloa [...] nUp452.exe

---> Télécharge "RegCleaner" : http://pierre.szwarc.free.fr/Files/RegCleaner.exe

---> Ne touche pas à ces deux derniers programmes pour l'instant, nous t'enverrons la suite des instructions après analyse de ton log (20 minutes après la lecture)

Bien à toi,

* Si quelque chose te semble difficile, surtout, n'hésite pas à poser des questions, nous sommes là pour t'aider *

Message édité par CleanDows le 26-07-2006 à 17:02:02

banania8

Salut cleandows,
Merci beaucoup de ton aide

1)J'ai des fenêtres d'erreurs qui apparraissent m'indiquant qu'un fichier est infecté par un virus et que ce fichier est impossible d'accès

2)Voici le rapport de HijackThis
Logfile of HijackThis v1.99.1
Scan saved at 10:06:40, on 27/07/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Intel\ASF Agent\ASFAgent.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Symantec\pcAnywhere\awhost32.exe
C:\Program Files\Sophos\Remote Update\cachemgr.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Dell\OpenManage\Client\Iap.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\Program Files\Sophos SWEEP for NT\SWNETSUP.EXE
C:\Program Files\Sophos SWEEP for NT\SWEEPSRV.SYS
C:\WINNT\Explorer.EXE
C:\WINNT\system32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\WINNT\SYSTEM32\SERVICES.EXE
C:\WINNT\system32\hkcmd.exe
C:\WINNT\system32\eeda0d48.exe
C:\Program Files\Softwin\BitDefender8\bdmcon.exe
C:\Program Files\Sophos SWEEP for NT\ICMON.EXE
C:\Program Files\Sophos\Remote Update\imonitor.exe
C:\Documents and Settings\Administrateur\Bureau\hijackthis_199\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/countries [...] efault.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.dell.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.euro.dell.com/countries [...] efault.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.40.1.1:80
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F3 - REG:win.ini: run=C:\WINNT\inet20026\services.exe
O2 - BHO: (no name) - {4E141503-734F-4480-8921-6FAF5D630A15} - C:\WINNT\system32\mlonjp.dll (file missing)
O2 - BHO: HBO Class - {5321E378-FFAD-4999-8C62-03CA8155F0B3} - C:\WINNT\inet20026\3.03.00.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\eoRezo\EoAdv\EOREZO~1.DLL (file missing)
O2 - BHO: BHO - {9BB5B49C-0D59-418d-A6A5-F6373B8FEF64} - C:\Program Files\BHO Plugin\plugin.dll (file missing)
O2 - BHO: (no name) - {F2AB0AF3-A2AA-7370-6537-A7DE39CC24AB} - C:\DOCUME~1\Sylvie\APPLIC~1\THIRDC~1\dog dupe.exe (file missing)
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\system32\hkcmd.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [System] C:\WINNT\system32\testtestt.exe
O4 - HKLM\..\Run: [eeda0d48.exe] C:\WINNT\system32\eeda0d48.exe
O4 - HKLM\..\Run: [spoolsvv] C:\WINNT\system32\spoolsvv.exe
O4 - HKLM\..\Run: [xp_system] C:\WINNT\inet20026\services.exe
O4 - HKLM\..\Run: [Microsoft standard protector] C:\WINNT\inet20026\socks.exe
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender8\bdmcon.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "C:\Program Files\Softwin\BitDefender8\bdnagent.exe"
O4 - HKLM\..\RunServices: [SystemTools] C:\WINNT\system32\testtestt.exe
O4 - HKCU\..\Run: [eeda0d48.exe] C:\Documents and Settings\Administrateur\Local Settings\Application Data\eeda0d48.exe
O4 - HKCU\..\Run: [xp_system] C:\WINNT\inet20026\services.exe
O4 - Global Startup: InterCheck Monitor.LNK = C:\Program Files\Sophos SWEEP for NT\ICMON.EXE
O4 - Global Startup: Remote Update Monitor.lnk = C:\Program Files\Sophos\Remote Update\imonitor.exe
O4 - Global Startup: Event Reminder.lnk = C:\Program Files\Broderbund\PrintMaster\PMremind.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O16 - DPF: {10003000-1000-0000-1000-000000000000} - ms-its:mhtml:file://C:\foo.mht!http://82.179.166.68/oV6gwQhvHvfnBw_m7RmP.chm:on-line.exe
O16 - DPF: {11311111-1111-1111-1111-111111111157} - file://C:\Recycled\Q330995.exe
O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} (SysWebTelecomInt Class) - http://www.sponsoradulto.com/cab/1 [...] comInt.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{38BED561-D55C-421D-8BAE-21500B00C63E}: NameServer = 194.2.0.20,194.2.0.50
O17 - HKLM\System\CS1\Services\Tcpip\..\{38BED561-D55C-421D-8BAE-21500B00C63E}: NameServer = 194.2.0.20,194.2.0.50
O17 - HKLM\System\CS2\Services\Tcpip\..\{38BED561-D55C-421D-8BAE-21500B00C63E}: NameServer = 194.2.0.20,194.2.0.50
O18 - Filter: text/html - {509EFBD4-6B5F-412C-9F42-80AE5C28FEC2} - C:\WINNT\system32\mlonjp.dll
O18 - Filter: text/plain - {509EFBD4-6B5F-412C-9F42-80AE5C28FEC2} - C:\WINNT\system32\mlonjp.dll
O20 - Winlogon Notify: artm_newreg - C:\Documents and Settings\All Users\Documents\Settings\artm_new.dll
O20 - Winlogon Notify: igfxcui - C:\WINNT\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: PCANotify - C:\WINNT\SYSTEM32\PCANotify.dll
O20 - Winlogon Notify: polymorphreg - C:\Documents and Settings\All Users\Documents\Settings\polymorph.dll
O23 - Service: ASF Agent (ASFAgent) - Intel Corporation - C:\Program Files\Intel\ASF Agent\ASFAgent.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe (file missing)
O23 - Service: pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Sophos Cache Manager (CacheMgr) - SOPHOS Plc - C:\Program Files\Sophos\Remote Update\cachemgr.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Iap - Dell Computer Corporation - C:\Program Files\Dell\OpenManage\Client\Iap.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPZipm12.exe
O23 - Service: Sophos Anti-Virus Network (SweepNet) - Sophos Plc - C:\Program Files\Sophos SWEEP for NT\SWNETSUP.EXE
O23 - Service: Sophos Anti-Virus (SWEEPSRV.SYS) - Sophos Plc - C:\Program Files\Sophos SWEEP for NT\SWEEPSRV.SYS
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

banania8

banania8

Avant d'avoir exécuté hijackthis, j'ai fait un scan avec ewido

CleanDows

Re-bonjour Banania8,

Citation :

Avant d'avoir exécuté hijackthis, j'ai fait un scan avec ewido

---> Si tu l'as encore, tu peux aussi poster ton rapport Ewido...

---> Je ne pourrai pas analyser ton log avant ce soir (ou cette nuit, au plus tard), je te remercie pour ta patience... En l'occurence, aucun problème si un autre passionné prend le relais ou que tu postes sur d'autres forums !

Quoiqu'il en soit, je te souhaite une excellente après-midi !

banania8

Voici le scan d'ewido

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 10:32:13 27/07/2006

+ Scan result:

C:\Documents and Settings\Florence\Local Settings\Temp\THI43A0.tmp\localNrd.cab/localNRD.dll -> Adware.BiSpy : Cleaned.
C:\Documents and Settings\Florence\Local Settings\Temp\THI43A0.tmp\localNrd.cab/preInsln.exe -> Adware.BiSpy : Cleaned.
C:\Documents and Settings\Florence\Local Settings\Temp\localNrd.cab/localNRD.dll -> Adware.BiSpy : Cleaned.
C:\Documents and Settings\Florence\Local Settings\Temp\localNrd.cab/preInsln.exe -> Adware.BiSpy : Cleaned.
HKLM\SOFTWARE\Classes\Replace.HBO -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\Replace.HBO.1 -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\Replace.HBO\CLSID -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Classes\Replace.HBO\CurVer -> Adware.CoolWebSearch : Cleaned.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchAssistant Uninstall -> Adware.CoolWebSearch : Cleaned.
C:\Documents and Settings\Denise\Local Settings\Temp\vx1.game -> Backdoor.Agent.acl : Cleaned.
C:\WINNT\SYSTEM32\vxgame1.exe -> Backdoor.Agent.acl : Cleaned.
HKLM\SOFTWARE\Classes\SysWebTelecom.SysWebTelecom -> Dialer.Generic : Cleaned.
HKLM\SOFTWARE\Classes\SysWebTelecom.SysWebTelecom\CLSID -> Dialer.Generic : Cleaned.
HKLM\SOFTWARE\Classes\SysWebTelecom.SysWebTelecom\CurVer -> Dialer.Generic : Cleaned.
C:\Documents and Settings\Denise\Local Settings\Temp\9C.tmp -> Downloader.Agent.aov : Cleaned.
C:\Documents and Settings\Denise\Local Settings\Temporary Internet Files\Content.IE5\0LSNGZ0J\ldin[1].exe -> Downloader.Agent.aov : Cleaned.
C:\Documents and Settings\Denise\Local Settings\Temporary Internet Files\Content.IE5\QFYJAH6B\scane[1].exe -> Downloader.Small.cwo : Cleaned.
C:\WINNT\SYSTEM32\taskdir~.exe -> Downloader.Small.cwo : Cleaned.
C:\Documents and Settings\Denise\Local Settings\Temp\qvxt3.game -> Downloader.Small.daq : Cleaned.
C:\WINNT\SYSTEM32\qvxgamet3.exe -> Downloader.Small.daq : Cleaned.
C:\Documents and Settings\Denise\Local Settings\Temp\6.dlb -> Downloader.Tibs.ew : Cleaned.
C:\Documents and Settings\Denise\Local Settings\Temp\7.dlb -> Downloader.Tibs.ew : Cleaned.
C:\Documents and Settings\Denise\Local Settings\Temporary Internet Files\Content.IE5\0LSNGZ0J\win32[1].exe -> Downloader.Tibs.fb : Cleaned.
C:\WINNT\SYSTEM32\kernels8.exe -> Downloader.Tibs.fb : Cleaned.
C:\WINNT\SYSTEM32\slx.exe[ -> Downloader.Tibs.fb : Cleaned.
C:\Documents and Settings\Denise\Local Settings\Temp\9B.tmp -> Dropper.Small.aqk : Cleaned.
C:\Documents and Settings\Denise\Local Settings\Temporary Internet Files\Content.IE5\M9SJI1A5\veter11[1].exe -> Dropper.Small.aqk : Cleaned.
C:\WINNT\inet20026\mm5.exe -> Logger.Delf.ig : Cleaned.
C:\WINNT\inet20026\mm5.exe.bak -> Logger.Delf.ig : Cleaned.
C:\WINNT\Temp\art5D31.tmp -> Proxy.Agent.ji : Cleaned.
C:\Documents and Settings\Denise\Local Settings\Temp\vx2.game -> Proxy.Agent.km : Cleaned.
C:\WINNT\inet20026\select.exe -> Proxy.Small.em : Cleaned.
C:\WINNT\inet20026\select.exe.bak -> Proxy.Small.em : Cleaned.
[168] C:\Documents and Settings\All Users\Documents\Settings\polymorph.dll -> Proxy.Xorpix.ac : Cleaned.
C:\WINNT\Temp\artF69B.tmp -> Proxy.Xorpix.ae : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@247realmedia[1].txt -> TrackingCookie.247realmedia : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@247realmedia[2].txt -> TrackingCookie.247realmedia : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@247realmedia[1].txt -> TrackingCookie.247realmedia : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@247realmedia[2].txt -> TrackingCookie.247realmedia : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@247realmedia[2].txt -> TrackingCookie.247realmedia : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@247realmedia[3].txt -> TrackingCookie.247realmedia : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@247realmedia[2].txt -> TrackingCookie.247realmedia : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@247realmedia[3].txt -> TrackingCookie.247realmedia : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@2o7[3].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@sfr.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@112.2o7[3].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@112.2o7[3].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@66.220.17[2].txt -> TrackingCookie.66.220.17.154 : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@66.220.17[5].txt -> TrackingCookie.66.220.17.154 : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@66.220.17[2].txt -> TrackingCookie.66.220.17.154 : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@66.220.17[5].txt -> TrackingCookie.66.220.17.154 : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@abetterinternet[1].txt -> TrackingCookie.Abetterinternet : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@ads.addynamix[2].txt -> TrackingCookie.Addynamix : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@ads.addynamix[2].txt -> TrackingCookie.Addynamix : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@z1.adserver[1].txt -> TrackingCookie.Adserver : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@z1.adserver[2].txt -> TrackingCookie.Adserver : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@z1.adserver[3].txt -> TrackingCookie.Adserver : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@z1.adserver[1].txt -> TrackingCookie.Adserver : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@z1.adserver[2].txt -> TrackingCookie.Adserver : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@z1.adserver[3].txt -> TrackingCookie.Adserver : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@z1.adserver[1].txt -> TrackingCookie.Adserver : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@z1.adserver[2].txt -> TrackingCookie.Adserver : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@z1.adserver[3].txt -> TrackingCookie.Adserver : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@adtech[2].txt -> TrackingCookie.Adtech : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@adtech[2].txt -> TrackingCookie.Adtech : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@adtech[2].txt -> TrackingCookie.Adtech : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@adtech[2].txt -> TrackingCookie.Adtech : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@advertising[2].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@advertising[3].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@servedby.advertising[2].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@advertising[1].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@advertising[2].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@advertising[4].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@servedby.advertising[1].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@servedby.advertising[2].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@servedby.advertising[4].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@advertising[1].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@advertising[3].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@servedby.advertising[1].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@servedby.advertising[2].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@advertising[1].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@advertising[3].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@servedby.advertising[1].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@servedby.advertising[2].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@atdmt[1].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@atdmt[1].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@bluestreak[3].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@iv2.bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@bluestreak[3].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@bluestreak[4].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@iv2.bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@bluestreak[3].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@bluestreak[4].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@iv2.bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@iv2.bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@bluestreak[3].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@bluestreak[4].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@iv2.bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@iv2.bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@casalemedia[3].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@casalemedia[4].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@casalemedia[3].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@casalemedia[3].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@promo.casinotropez[1].txt -> TrackingCookie.Casinotropez : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@centrport[2].txt -> TrackingCookie.Centrport : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@centrport[1].txt -> TrackingCookie.Centrport : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@centrport[1].txt -> TrackingCookie.Centrport : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@ad1.clickhype[1].txt -> TrackingCookie.Clickhype : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@ad1.clickhype[1].txt -> TrackingCookie.Clickhype : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@cliks[2].txt -> TrackingCookie.Cliks : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@com[1].txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@com[3].txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@com[1].txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@com[3].txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@fl01.ct2.comclick[4].txt -> TrackingCookie.Comclick : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@fl01.ct2.comclick[4].txt -> TrackingCookie.Comclick : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@data.coremetrics[1].txt -> TrackingCookie.Coremetrics : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@data.coremetrics[1].txt -> TrackingCookie.Coremetrics : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@doubleclick[2].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@doubleclick[2].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@c.enhance[1].txt -> TrackingCookie.Enhance : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@c.enhance[1].txt -> TrackingCookie.Enhance : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@estat[1].txt -> TrackingCookie.Estat : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@estat[1].txt -> TrackingCookie.Estat : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@estat[1].txt -> TrackingCookie.Estat : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@estat[1].txt -> TrackingCookie.Estat : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@as-eu.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@as-eu.falkag[3].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@as-us.falkag[2].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@as1.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@sel.as-eu.falkag[2].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@sel.as-us.falkag[2].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@a.as-eu.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@a.as-eu.falkag[3].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@as-eu.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@as-us.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@as1.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@as1.falkag[2].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@as1.falkag[3].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@as-eu.falkag[2].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@as-eu.falkag[3].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@as1.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@as-eu.falkag[2].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@as-eu.falkag[3].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@as1.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@fastclick[3].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@gator[2].txt -> TrackingCookie.Gator : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@gator[1].txt -> TrackingCookie.Gator : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@gator[1].txt -> TrackingCookie.Gator : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@ehg-dig.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@ehg-edgebe.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@ehg-fifa.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@ehg-nokiafin.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@hitbox[3].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@ehg-sonyesolutions.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@ehg-sonyeu.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@ehg-vivacances.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@hitbox[3].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@ehg-sonyesolutions.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@ehg-sonyeu.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@ehg-vivacances.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@hitbox[3].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@counter2.hitslink[2].txt -> TrackingCookie.Hitslink : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@ilead.itrack[1].txt -> TrackingCookie.Itrack : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@ilead.itrack[1].txt -> TrackingCookie.Itrack : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@ivwbox[1].txt -> TrackingCookie.Ivwbox : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@ivwbox[1].txt -> TrackingCookie.Ivwbox : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@linksynergy[1].txt -> TrackingCookie.Linksynergy : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@ayb.lop[1].txt -> TrackingCookie.Lop : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@bins.lop[1].txt -> TrackingCookie.Lop : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@f28999.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@i14980.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@i5799.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@l6401.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@lop[1].txt -> TrackingCookie.Lop : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@lop[2].txt -> TrackingCookie.Lop : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@lop[3].txt -> TrackingCookie.Lop : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@m23267.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@n3335.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@r4960.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@s15280.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@srch.lop[2].txt -> TrackingCookie.Lop : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@ayb.lop[1].txt -> TrackingCookie.Lop : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@bins.lop[1].txt -> TrackingCookie.Lop : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@f28999.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@i14980.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@i5799.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@l6401.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@lop[1].txt -> TrackingCookie.Lop : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@lop[2].txt -> TrackingCookie.Lop : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@lop[3].txt -> TrackingCookie.Lop : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@m23267.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@n3335.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@r4960.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@s15280.bins.lop[1].txt -> TrackingCookie.Lop : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@srch.lop[2].txt -> TrackingCookie.Lop : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@mediaplex[2].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@mediaplex[3].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@mediaplex[2].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@mediaplex[2].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@overture[2].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@overture[1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@overture[2].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@overture[4].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@overture[1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@overture[3].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@overture[1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@overture[3].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@paypopup[2].txt -> TrackingCookie.Paypopup : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@popunder.paypopup[2].txt -> TrackingCookie.Paypopup : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@paypopup[2].txt -> TrackingCookie.Paypopup : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@popunder.paypopup[2].txt -> TrackingCookie.Paypopup : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@qksrv[1].txt -> TrackingCookie.Qksrv : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@qksrv[3].txt -> TrackingCookie.Qksrv : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@revenue[1].txt -> TrackingCookie.Revenue : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@revenue[2].txt -> TrackingCookie.Revenue : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@revenue[3].txt -> TrackingCookie.Revenue : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@revenue[1].txt -> TrackingCookie.Revenue : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@revenue[2].txt -> TrackingCookie.Revenue : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@revenue[3].txt -> TrackingCookie.Revenue : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@revenue[5].txt -> TrackingCookie.Revenue : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@revenue[1].txt -> TrackingCookie.Revenue : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@revenue[2].txt -> TrackingCookie.Revenue : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@revenue[3].txt -> TrackingCookie.Revenue : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@revenue[5].txt -> TrackingCookie.Revenue : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@bs.serving-sys[3].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@serving-sys[4].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@cs.sexcounter[2].txt -> TrackingCookie.Sexcounter : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@cs.sexcounter[2].txt -> TrackingCookie.Sexcounter : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@smartadserver[1].txt -> TrackingCookie.Smartadserver : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@www.smartadserver[3].txt -> TrackingCookie.Smartadserver : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@www.smartadserver[3].txt -> TrackingCookie.Smartadserver : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@www.smartadserver[4].txt -> TrackingCookie.Smartadserver : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@www.smartadserver[3].txt -> TrackingCookie.Smartadserver : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@www.smartadserver[3].txt -> TrackingCookie.Smartadserver : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@spylog[1].txt -> TrackingCookie.Spylog : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@targetnet[2].txt -> TrackingCookie.Targetnet : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@targetnet[2].txt -> TrackingCookie.Targetnet : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@tradedoubler[3].txt -> TrackingCookie.Tradedoubler : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@tradedoubler[3].txt -> TrackingCookie.Tradedoubler : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@tradedoubler[5].txt -> TrackingCookie.Tradedoubler : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@www.tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@tradedoubler[4].txt -> TrackingCookie.Tradedoubler : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@tradedoubler[4].txt -> TrackingCookie.Tradedoubler : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@trafficmp[2].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@trafficmp[3].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@trafficmp[3].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@valueclick[1].txt -> TrackingCookie.Valueclick : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@valueclick[3].txt -> TrackingCookie.Valueclick : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@valueclick[2].txt -> TrackingCookie.Valueclick : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@valueclick[3].txt -> TrackingCookie.Valueclick : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@valueclick[4].txt -> TrackingCookie.Valueclick : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@valueclick[1].txt -> TrackingCookie.Valueclick : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@valueclick[2].txt -> TrackingCookie.Valueclick : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@valueclick[1].txt -> TrackingCookie.Valueclick : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@valueclick[2].txt -> TrackingCookie.Valueclick : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@weborama[1].txt -> TrackingCookie.Weborama : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@weborama[2].txt -> TrackingCookie.Weborama : Cleaned.
C:\Documents and Settings\Denise\Cookies\denise@weborama[4].txt -> TrackingCookie.Weborama : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@blackbox.weborama[1].txt -> TrackingCookie.Weborama : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@weborama[1].txt -> TrackingCookie.Weborama : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@weborama[2].txt -> TrackingCookie.Weborama : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@weborama[4].txt -> TrackingCookie.Weborama : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@weborama[5].txt -> TrackingCookie.Weborama : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@weborama[1].txt -> TrackingCookie.Weborama : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@weborama[2].txt -> TrackingCookie.Weborama : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@weborama[1].txt -> TrackingCookie.Weborama : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@weborama[2].txt -> TrackingCookie.Weborama : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@zedo[1].txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\Florence\Cookies\florence@zedo[3].txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@zedo[2].txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\Florence\Cookies\sylvie@zedo[3].txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@zedo[2].txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\Sylvie\Cookies\sylvie@zedo[3].txt -> TrackingCookie.Zedo : Cleaned.
C:\WINNT\inet20026\Icq.exe -> Trojan.Agent.gq : Cleaned.
C:\WINNT\inet20026\Icq.exe.bak -> Trojan.Agent.gq : Cleaned.
C:\WINNT\Temp\pol1381.tmp -> Trojan.EmailSpy : Cleaned.
C:\WINNT\Temp\pol349B.tmp -> Trojan.EmailSpy : Cleaned.
C:\WINNT\Temp\pol9853.tmp -> Trojan.EmailSpy : Cleaned.
C:\WINNT\Temp\pol9F7.tmp -> Trojan.EmailSpy : Cleaned.

::Report end

Meric beaucoup de ton aide et je te souhaite une excellente après-midi et soirée ;-)

CleanDows

Coucou banania8,

* Je t'encourage à suivre scupuleusement cette procédure ; si tu as la moindre question, n'hésite pas à la poser, nous sommes là pour t'aider *

---> Ewido a déjà fait du bon travail, il a nettoyé pas mal de "crasses" (traces de CoolWebSearch, de Lop, et de Gator notamment)

1) Redémarre ton poste en mode sans échec sur ta session : http://service1.symantec.com/suppo [...] 5112131924

2) Relance HijackThis et choisis cette fois l'option "Do A System Scan Only"

3) Coche les lignes suivantes et clique sur "Fix Checked"

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.40.1.1:80

F3 - REG:win.ini: run=C:\WINNT\inet20026\services.exe

O2 - BHO: (no name) - {4E141503-734F-4480-8921-6FAF5D630A15} - C:\WINNT\system32\mlonjp.dll (file missing)

O2 - BHO: HBO Class - {5321E378-FFAD-4999-8C62-03CA8155F0B3} - C:\WINNT\inet20026\3.03.00.dll

O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\eoRezo\EoAdv\EOREZO~1.DLL (file missing)

O2 - BHO: BHO - {9BB5B49C-0D59-418d-A6A5-F6373B8FEF64} - C:\Program Files\BHO Plugin\plugin.dll (file missing)

O2 - BHO: (no name) - {F2AB0AF3-A2AA-7370-6537-A7DE39CC24AB} - C:\DOCUME~1\Sylvie\APPLIC~1\THIRDC~1\dog dupe.exe (file missing)

O4 - HKLM\..\Run: [System] C:\WINNT\system32\testtestt.exe

O4 - HKLM\..\Run: [eeda0d48.exe] C:\WINNT\system32\eeda0d48.exe

O4 - HKLM\..\Run: [spoolsvv] C:\WINNT\system32\spoolsvv.exe

O4 - HKLM\..\Run: [xp_system] C:\WINNT\inet20026\services.exe

O4 - HKLM\..\Run: [Microsoft standard protector] C:\WINNT\inet20026\socks.exe

O4 - HKLM\..\RunServices: [SystemTools] C:\WINNT\system32\testtestt.exe

O4 - HKCU\..\Run: [eeda0d48.exe] C:\Documents and Settings\Administrateur\Local Settings\Application Data\eeda0d48.exe

O4 - HKCU\..\Run: [xp_system] C:\WINNT\inet20026\services.exe

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm

O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm

O16 - DPF: {10003000-1000-0000-1000-000000000000} - ms-its:mhtml:file://C:\foo.mht!http://82.179.166.68/oV6gwQhvHvfnBw_m7RmP.chm:on- line.exe

O16 - DPF: {11311111-1111-1111-1111-111111111157} - file://C:\Recycled\Q330995.exe

O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} (SysWebTelecomInt Class) - http://www.sponsoradulto.com/cab/1 [...] comInt.cab

O18 - Filter: text/html - {509EFBD4-6B5F-412C-9F42-80AE5C28FEC2} - C:\WINNT\system32\mlonjp.dll

O18 - Filter: text/plain - {509EFBD4-6B5F-412C-9F42-80AE5C28FEC2} - C:\WINNT\system32\mlonjp.dll

O20 - Winlogon Notify: artm_newreg - C:\Documents and Settings\All Users\Documents\Settings\artm_new.dll

O20 - Winlogon Notify: PCANotify - C:\WINNT\SYSTEM32\PCANotify.dll

O20 - Winlogon Notify: polymorphreg - C:\Documents and Settings\All Users\Documents\Settings\polymorph.dll

4) Toujours en mode sans échec, assure-toi d'avoir accès aux fichiers cachés / système : http://perso.orange.fr/astwinds/as [...] aches.html

5) Supprime les fichiers suivants (si encore présents) :

* C:\Documents and Settings\All Users\Documents\Settings\polymorph.dll
* C:\WINNT\SYSTEM32\PCANotify.dll
* C:\Documents and Settings\All Users\Documents\Settings\artm_new.dll
* C:\WINNT\system32\mlonjp.dll
* C:\Documents and Settings\Administrateur\Local Settings\Application Data\eeda0d48.exe
* C:\WINNT\system32\testtestt.exe
* C:\WINNT\system32\eeda0d48.exe

6) Supprime tout le dossier suivant ainsi que son contenu :

* C:\WINNT\inet20026\

7) Installe et exécute "Cleanup" (normalement toujours sur ton bureau)

----> Choisis "Cleanup" et clique sur "NON" pour rendre le nettoyage effectif

8) Redémarre ta machine en mode normal

9) Ne garde qu'UN SEUL antivirus sur ta machine, il me semble que tu en as installé plusieurs...

10) Reposte un nouveau log HijackThis

/*\ Rencontres-tu encore des problèmes avec ta machine ?
/*\ Tout refonctionne-t-il convenablement ?

Bonne chance à toi !!!

banania8

Bonjour cleandows
J'ai suivi exactement ce que tu m'as dit de faire mais je n'ai pas pu supprimer tous les fichiers.
Impossible de supprimer C:\WINNT\SYSTEM32\PCANotify.dll car il est utilisé par Windows en même temps
Impossible de supprimer C:\Documents and Settings\All Users\Documents\Settings\polymorph.dll et C:\Documents and Settings\All Users\Documents\Settings\artm_new.dll car le dossier Settings n'existe plus.

J'avais installé avast avant de demander ton aide et je l'ai supprimé. Peux-tu me dire si il y a d'autres antivirus en regardant le log stp?

Sinon tout c'est bien passé, les fenêtres m'indiquant qu'il y avait des virus n'apparaissent plus mais il y a toujours le sablier à côté de la souris.

Voici le log de hijackthis

Logfile of HijackThis v1.99.1
Scan saved at 09:20:29, on 28/07/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Intel\ASF Agent\ASFAgent.exe
C:\Program Files\Sophos\Remote Update\cachemgr.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Dell\OpenManage\Client\Iap.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\Program Files\Sophos SWEEP for NT\SWNETSUP.EXE
C:\Program Files\Sophos SWEEP for NT\SWEEPSRV.SYS
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\hkcmd.exe
C:\Program Files\Sophos SWEEP for NT\ICMON.EXE
C:\Program Files\Sophos\Remote Update\imonitor.exe
C:\WINNT\system32\msiexec.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
C:\Program Files\Internet Explorer\iexplore.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\system32\hkcmd.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [WMedia16] wmedia16.exe
O4 - Global Startup: InterCheck Monitor.LNK = C:\Program Files\Sophos SWEEP for NT\ICMON.EXE
O4 - Global Startup: Remote Update Monitor.lnk = C:\Program Files\Sophos\Remote Update\imonitor.exe
O4 - Global Startup: Event Reminder.lnk = C:\Program Files\Broderbund\PrintMaster\PMremind.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{38BED561-D55C-421D-8BAE-21500B00C63E}: NameServer = 194.2.0.20,194.2.0.50
O17 - HKLM\System\CS1\Services\Tcpip\..\{38BED561-D55C-421D-8BAE-21500B00C63E}: NameServer = 194.2.0.20,194.2.0.50
O17 - HKLM\System\CS2\Services\Tcpip\..\{38BED561-D55C-421D-8BAE-21500B00C63E}: NameServer = 194.2.0.20,194.2.0.50
O20 - Winlogon Notify: artm_newreg - C:\Documents and Settings\All Users\Documents\Settings\artm_new.dll
O20 - Winlogon Notify: igfxcui - C:\WINNT\SYSTEM32\igfxsrvc.dll
O23 - Service: ASF Agent (ASFAgent) - Intel Corporation - C:\Program Files\Intel\ASF Agent\ASFAgent.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe (file missing)
O23 - Service: pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe
O23 - Service: Sophos Cache Manager (CacheMgr) - SOPHOS Plc - C:\Program Files\Sophos\Remote Update\cachemgr.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Iap - Dell Computer Corporation - C:\Program Files\Dell\OpenManage\Client\Iap.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPZipm12.exe
O23 - Service: Sophos Anti-Virus Network (SweepNet) - Sophos Plc - C:\Program Files\Sophos SWEEP for NT\SWNETSUP.EXE
O23 - Service: Sophos Anti-Virus (SWEEPSRV.SYS) - Sophos Plc - C:\Program Files\Sophos SWEEP for NT\SWEEPSRV.SYS

Est-ce qu'il reste des virus?

Je te remercie beaucoup de ton aide.

CleanDows

Super banania8,

Tu as bien avancé, mais il reste des virus...

1) Copie-colle ceci dans le bloc-note et enregistre-le en tant que "fix.txt"

Citation :

registry keys to delete:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\artm_newreg
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\polymorph
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\PCANotify

Files to Delete:
C:\Documents and Settings\All Users\Documents\Settings\artm_new.dll
C:\WINNT\SYSTEM32\PCANotify.dll

2) Télécharge "The Avenger" ici : http://swandog46.geekstogo.com/avenger.zip

3) Décompresse le fichier sur ton bureau et exécute "avenger.exe"

4) Clique sur OK et choisis "Load Script from File" avant de cliquer sur l'icône jaune

5) Retrouve "fix.txt" que tu as mis sur ton bureau, clique sur le feu vert, sur oui et redémarre l'ordinateur en mode sans échec.

6) Relance HijackThis, coche les lignes :

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm

7) Poste le rapport Avenger [C:\avenger.txt]

8) Reposte un log HijackThis

---> En ce qui concerne tes antivirus, je vois des traces de produits Symantec (pcAnywhere), Kaspersky et Sophos... Désinstalle ceux qui ne te sont pas absolument nécessaires !

** Tu étais fort infecté et les virus présents bien incrustés (dans le Winlogon), bravo pour ta patience !

** Comment se comporte ta machine maintenant ?

Bien à toi,

Message édité par CleanDows le 28-07-2006 à 15:50:05

FORUM HardWare.fr

Windows & Software

Sécurité

antivirus troj/agent-ayo

Sujets relatifs
Boitier ou Serveur dédié antivirus ?	Problème avec Avast antivirus - fichier Ashmaisv.exe
Antivirus etc...	Quels antivirus gratuis???
encore un probleme avec magicContol.agent	je cherche un antivirus efficace
Problème avec Avast antivirus	MagicControl.Agent
stratégie norton antivirus corporate	Quel est l'antivirus (payant) qui ralentit le moins mon PC ?
Plus de sujets relatifs à : antivirus troj/agent-ayo

Page générée en 0.096 secondes