S'abonner :  Newsletters    Magazines
Avis sur les produits Avis sur les logiciels Avis sur les jeux Actualités A propos de 01net
191 utilisateurs connectés
Forum de 01net / Sécurité / Spyware Quake et Win32:dialer 520

Spyware Quake et Win32:dialer 520

riesseg le 30 mars 2006 à 23h15
Windows de merde...

BIn moi aussi j'ai le meme probleme, et je requiers votre aide.

HiJackThis:

Logfile of HijackThis v1.99.1
Scan saved at 16:09:34, on 30/03/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\nvctrl.exe
D:\Program Files\Apoint2K\Apoint.exe
D:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
D:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
D:\WINDOWS\system32\hphmon05.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\WINDOWS\AGRSMMSG.exe
D:\Program Files\SpywareQuake\SpywareQuake.exe
D:\Program Files\Apoint2K\Apntex.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
D:\Program Files\SpywareQuake\SpywareQuake.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Firefox\firefox.exe
C:\PROGRA~1\FREEDO~1\fdm.exe
D:\Documents and Settings\riesseg\Desktop\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = prosearching.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.2020search.com/search/9884/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = prosearching.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.2020search.com/search/9884/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = prosearching.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.2020search.com/search/9884/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.2020search.com/search/9884/search.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = prosearching.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com
O2 - BHO: Nothing - {4da4616d-7e6e-4fd9-a2d5-b6c535733e22} - D:\WINDOWS\system32\hp6F63.tmp
O4 - HKLM\..\Run: [IMJPMIG8.1] "D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Apoint] D:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Cpqset] D:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [HPHUPD05] D:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HP Software Update] "D:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HPHmon05] D:\WINDOWS\system32\hphmon05.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SpywareQuake] D:\Program Files\SpywareQuake\SpywareQuake.exe /h
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Tbsa] "D:\DOCUME~1\riesseg\MYDOCU~1\WNSXS~1\dllhost.exe" -vt yazr
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Download all by Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download by Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Download selected by Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download web site by Free Download Manager - file://C:\Program Files\Free Download Manager\dlpage.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.flingstone.com
O15 - Trusted Zone: *.i-lookup.com
O15 - Trusted Zone: *.offshoreclicks.com
O15 - Trusted Zone: *.teensguru.com
O15 - Trusted Zone: *.xxxtoolbar.com
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_s(...)
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} - http://www.mt-download.com/MediaTicketsInstaller.cab?refid=5071
O17 - HKLM\System\CCS\Services\Tcpip\..\{51A7FD7E-E6D3-4AB3-BDB3-005CCED0938C}: NameServer = 142.169.1.16,199.84.242.22
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - D:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: winemx32 - D:\WINDOWS\SYSTEM32\winemx32.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - D:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - D:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: wampapache - Unknown owner - c:\Program Files\wamp\apache\Apache.exe" --ntservice (file missing)
O23 - Service: wampmysqld - Unknown owner - c:\Program Files\wamp\mysql\bin\mysqld-nt.exe" --defaults-file=D:\WINDOWS\mywamp.ini wampmysqld (file missing)



et Smitfraudfix


SmitFraudFix v2.26

Rapport fait à 16:14:28,46 le 30/03/2006
Executé à partir de D:\Documents and Settings\riesseg\Desktop\Smitfraudfix\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600]

»»»»»»»»»»»»»»»»»»»»»»»» Recherche D:\


»»»»»»»»»»»»»»»»»»»»»»»» Recherche D:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» Recherche D:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» Recherche D:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» Recherche D:\WINDOWS\system32

D:\WINDOWS\system32\AdService.dll PRESENT !
D:\WINDOWS\system32\dfrgsrv.exe PRESENT !
D:\WINDOWS\system32\hp????.tmp PRESENT !
D:\WINDOWS\system32\ld????.tmp PRESENT !
D:\WINDOWS\system32\ncompat.tlb PRESENT !
D:\WINDOWS\system32\nvctrl.exe PRESENT !
D:\WINDOWS\system32\ot.ico PRESENT !
D:\WINDOWS\system32\stickrep.dll PRESENT !
D:\WINDOWS\system32\ts.ico PRESENT !
D:\WINDOWS\system32\1024\ PRESENT!

»»»»»»»»»»»»»»»»»»»»»»»» Recherche D:\Documents and Settings\riesseg\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Recherche Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» Recherche Favoris

D:\Documents and Settings\riesseg\Favorites\Antivirus Test Online.url PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» Recherche Bureau

D:\Documents and Settings\riesseg\Desktop\Remove Spyware.url PRESENT !
D:\Documents and Settings\riesseg\Desktop\SpywareQuake.lnk PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» Recherche D:\Program Files

D:\Program Files\SpywareQuake\ PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» Recherche présence de clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Recherche éléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"


»»»»»»»»»»»»»»»»»»»»»»»» Recherche Sharedtaskscheduler

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"

[HKEY_CLASSES_ROOT\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32]
@="%SystemRoot%\system32\browseui.dll"

[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32]
@="%SystemRoot%\system32\browseui.dll"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

[HKEY_CLASSES_ROOT\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32]
@="%SystemRoot%\system32\browseui.dll"

[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32]
@="%SystemRoot%\system32\browseui.dll"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{E2CA7CD1-1AD9-F1C4-3D2A-DC1A33E7AF9D}"="USB Ware"

[HKEY_CLASSES_ROOT\CLSID\{E2CA7CD1-1AD9-F1C4-3D2A-DC1A33E7AF9D}\InProcServer32]
@="D:\WINDOWS\system32\stickrep.dll"

[HKEY_CURRENT_USER\Software\Classes\CLSID\{E2CA7CD1-1AD9-F1C4-3D2A-DC1A33E7AF9D}\InProcServer32]
@="D:\WINDOWS\system32\stickrep.dll"


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin du rapport

répondre
rub_mic le 30 mars 2006 à 23h39
Lances HijackThis => Do a sysytem scan only => coche ces lignes :

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = prosearching.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.2020search.com/search/9884/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = prosearching.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.2020search.com/search/9884/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = prosearching.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.2020search.com/search/9884/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.2020search.com/search/9884/search.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = prosearching.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com
O2 - BHO: Nothing - {4da4616d-7e6e-4fd9-a2d5-b6c535733e22} - D:\WINDOWS\system32\hp6F63.tmp
O4 - HKLM\..\Run: [SpywareQuake] D:\Program Files\SpywareQuake\SpywareQuake.exe /h
O15 - Trusted Zone: *.flingstone.com
O15 - Trusted Zone: *.i-lookup.com
O15 - Trusted Zone: *.offshoreclicks.com
O15 - Trusted Zone: *.teensguru.com
O15 - Trusted Zone: *.xxxtoolbar.com
O20 - Winlogon Notify: winemx32 - D:\WINDOWS\SYSTEM32\winemx32.dll


Ensuite ferme tes programmes en cours, SURTOUT LES LOGICIEL AVEC PROTECTION EN TEMPS REEL, (antivirus, tea timer, ewido, ad-watch)... (seul HijackThis doit être ouvert) et cliques sur "FixChecked".
_______________

Telecharge ad-aware:
http://www.01net.com/telecharger/windows/Internet/internet_utlitaire/fiches/1(...)

Et le patch FR:
http://www.01net.com/telecharger/windows/Internet/internet_utlitaire/fiches/2(...)

Installe ad-aware et apres installe le patch fr.
Dans adaware,va dans la roue en haut a droite (l engrenage) et tu verras a gauche "interface".
Tu cliques, et tu verras language.tu mets francais, et mets le a jour. installes le mais ne l'utilises pas
----
Telecharge spybot search & destroy 1.4 :
http://www.01net.com/telecharger/windows/Internet/internet_utlitaire/fiches/2(...)
installes le mais ne l'utilises pas
----
Telecharge aussi a2 free (tres bon anti-trojans, et bon anti-spyware):
http://www.01net.com/telecharger/windows/Utilitaire/antivirus/fiches/26618.ht(...)

Enregistre toi (ca prends 5 min).
Ensuite mets le a jour. installes le mais ne l'utilises pas
----
- télécharge et installe ewido : http://download.ewido.net/ewido-setup.exe
- lance Ewido et mets-le à jour installes le mais ne l'utilises pas

_________________

Tout ce qui suivra devra etre fait en mode sans echec. SVP, ne pas redemarrer entre chaque manipulation. (Au risque de repartir à zéro).

Si quelque chose ne se supprimes pas ou autre, continues la manip comme il est ecrit. Juste une chose, ne t'arrête pas en cours.

DEMARRES EN MODE SANS ECHEC :
____

FAIS LES SCANS UN PAR UN.
____

Lance smitfraudfix.cmd
choisis l'option n°2
Accepte les différents nettoyages (registre et tout)
Colles ici le nouveau log généré.
____

Démarrer \ Panneau de configuration \ ajouter supprimer des programmes \ désinstalles =>

SpywareQuake
____

Supprime le fichier en gras :

C:\Program Files\SpywareQuake
____

Lances Spybot et fais une recherche de spyware et supprime tout a la fin en cochant tout.
Ensuite va dans vaccination, et vaccine le systeme.
____

Lances a² free et fais une analyse complte de ton disque dur.
Vire tout ce qu il trouve en cliquant sur "effacé les malware selectionnés", et apres sur "terminer".
____

Lances ad-aware fais une analyse complète du systeme, et supprime tout ce qu il trouve.
____

- Lance ewido
- clique "Complete System Scan"
Attention, pendant le scan, ne pas ouvrir de dossier ou le panneau de configuration
- quand le scan est terminé, clique sur "Save Report" et Copie/colle le rapport.
____

*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*
--------------------------------------------------------------
+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+*+

Si quelque chose ne va pas, dis le.
Si quelque chose ne se supprime pas dis le.
N'oublie pas de sauvegarder le rapport de ewido, et celui de smitfraudfix.
répondre
riesseg le 31 mars 2006 à 02h57


SmitFraudFix v2.26

Rapport fait à 17:43:54,12 le 30/03/2006
Executé à partir de D:\Documents and Settings\riesseg\Desktop\Smitfraudfix\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600]

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus


»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

D:\WINDOWS\system32\AdService.dll supprimé
D:\WINDOWS\system32\dfrgsrv.exe supprimé
D:\WINDOWS\system32\hp????.tmp supprimé
D:\WINDOWS\system32\ld????.tmp supprimé
D:\WINDOWS\system32\ncompat.tlb supprimé
D:\WINDOWS\system32\nvctrl.exe supprimé
D:\WINDOWS\system32\ot.ico supprimé
D:\WINDOWS\system32\stickrep.dll supprimé
D:\WINDOWS\system32\ts.ico supprimé
D:\WINDOWS\system32\1024\ supprimé
D:\Program Files\SpywareQuake\ supprimé

»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage Fichiers Temporaires


»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

Nettoyage terminé.

»»»»»»»»»»»»»»»»»»»»»»»» Fin du rapport


---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 19:49:35, 30/03/2006
+ Report-Checksum: 161E2FE6

+ Scan result:

:mozilla.19:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Estat : Ignored
:mozilla.20:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Smartadserver : Ignored
:mozilla.21:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Smartadserver : Ignored
:mozilla.22:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Smartadserver : Ignored
:mozilla.23:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Doubleclick : Ignored
:mozilla.24:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Weborama : Ignored
:mozilla.25:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Weborama : Ignored
:mozilla.26:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Weborama : Ignored
:mozilla.27:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Weborama : Ignored
:mozilla.28:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Weborama : Ignored
:mozilla.51:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Comclick : Ignored
:mozilla.52:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Comclick : Ignored
:mozilla.53:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Comclick : Ignored
:mozilla.54:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Comclick : Ignored
:mozilla.55:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Comclick : Ignored
:mozilla.85:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Bluestreak : Ignored
:mozilla.93:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Falkag : Ignored
:mozilla.94:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Falkag : Ignored
:mozilla.95:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Falkag : Ignored
:mozilla.96:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Falkag : Ignored
:mozilla.97:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Falkag : Ignored
:mozilla.98:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Falkag : Ignored
:mozilla.99:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Falkag : Ignored
:mozilla.100:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Falkag : Ignored
:mozilla.101:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Com : Ignored
:mozilla.109:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Tradedoubler : Ignored
:mozilla.110:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Tradedoubler : Ignored
:mozilla.117:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Overture : Ignored
:mozilla.118:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Overture : Ignored
:mozilla.119:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Fastclick : Ignored
:mozilla.120:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Fastclick : Ignored
:mozilla.121:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Falkag : Ignored
:mozilla.122:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Fastclick : Ignored
:mozilla.123:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Fastclick : Ignored
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MediaTickets -> Adware.PurityScan : Cleaned with backup
[224] D:\WINDOWS\system32\winemx32.dll -> Downloader.Small.cml : Cleaned with backup
:mozilla.124:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.125:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.126:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.127:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.132:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.146:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Casinotropez : Cleaned with backup
:mozilla.152:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.153:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.154:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.155:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.156:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.157:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.158:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.159:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.160:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.161:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.162:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.163:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.164:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.165:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.170:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.171:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.173:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.174:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.175:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.176:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.183:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.204:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.205:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.206:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.207:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.208:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.209:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.211:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.212:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.214:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned with backup
:mozilla.215:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned with backup
:mozilla.219:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.220:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.221:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.222:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup
:mozilla.224:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.225:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.226:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.232:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.233:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.253:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.254:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.255:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.256:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.277:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned with backup
:mozilla.278:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned with backup
:mozilla.279:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
:mozilla.282:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned with backup
:mozilla.285:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.286:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.287:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.288:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.289:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.290:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.291:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.292:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.293:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.351:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.354:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.355:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.356:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.357:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.368:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.382:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Yadro : Cleaned with backup
:mozilla.383:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Yadro : Cleaned with backup
:mozilla.385:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.386:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.407:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.414:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.415:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.416:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.417:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.421:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Tracking101 : Cleaned with backup
:mozilla.426:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.435:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup
:mozilla.436:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup
:mozilla.437:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup
:mozilla.445:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Spylog : Cleaned with backup
:mozilla.446:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Hotlog : Cleaned with backup
:mozilla.467:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.468:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.469:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.470:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.478:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.492:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Bfast : Cleaned with backup
:mozilla.524:D:\Documents and Settings\riesseg\Application Data\Mozilla\Firefox\Profiles\c4m2hc00.default\cookies.txt -> TrackingCookie.Trafic : Cleaned with backup
D:\Documents and Settings\riesseg\Cookies\riesseg@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup
D:\Documents and Settings\riesseg\Desktop\HijackThis\backups\backup-20060330-172737-827.dll -> Downloader.Zlob.jp : Cleaned with backup
D:\Documents and Settings\riesseg\Local Settings\Temporary Internet Files\Content.IE5\WXM3CPI3\MediaTicketsInstaller[1].cab/MediaTicketsInstaller.ocx -> Adware.MediaTickets : Cleaned with backup
D:\Documents and Settings\riesseg\Local Settings\Temporary Internet Files\Content.IE5\WXM3CPI3\mulbin1[1].exe -> Trojan.Dialer.oy : Cleaned with backup
D:\Documents and Settings\riesseg\Local Settings\Temporary Internet Files\Content.IE5\WXM3CPI3\wdinit64[1].exe -> Trojan.Dialer.oy : Cleaned with backup
D:\Documents and Settings\riesseg\Local Settings\Temporary Internet Files\Content.IE5\WXM3CPI3\wizp32[1].exe -> Downloader.IstBar.eq : Cleaned with backup
D:\WINDOWS\mtuninst.exe -> Adware.MediaTickets : Cleaned with backup
D:\WINDOWS\system32\interf.tlb -> Trojan.Small : Cleaned with backup
D:\WINDOWS\system32\oins.exe -> Downloader.PurityScan.bt : Cleaned with backup
D:\WINDOWS\system32\winemx32.dll -> Downloader.Small.cml : Cleaned with backup
D:\WINDOWS\Temp\win1FF.tmp.exe -> Downloader.IstBar.eq : Cleaned with backup
D:\WINDOWS\Temp\win2C5.tmp.exe -> Trojan.Dialer.oy : Cleaned with backup
D:\WINDOWS\Temp\win2D.tmp -> Trojan.Dialer.u : Cleaned with backup
D:\WINDOWS\Temp\win2DA.tmp.exe -> Trojan.Dialer.oy : Cleaned with backup
D:\WINDOWS\Temp\win8.tmp.exe -> Trojan.Dialer.oy : Cleaned with backup


::Report End[/Quote]

Trop de la balle, j'ai tout recup !!
MERCIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIII
en plus, j'ai meme recup mon lecteur cd que j'avais perdu je sais pas trop comment...

sinon, etant etudiant en informatiue, et parce que demain, je fais une journee d'aide et de soutient, j'aimerai que tu m'explique comment tu fais pour connaitre les fichiers a supprimer quand on fait un HijackThis...
C'est tous ce d'IE ??
et les 0-15 qui sonnent comme des trucs de cul ??

Mais ca ? O20 - Winlogon Notify: winemx32 - D:\WINDOWS\SYSTEM32\winemx32.dll
et ca ?? D:\WINDOWS\system32\hp6F63.tmp
répondre
rub_mic le 31 mars 2006 à 08h06
winemx32.dll c'est un dll malveillante.
hp6F63.tmp est un fichier temporaire, on s'en tappe de lui lol.
répondre
rub_mic le 31 mars 2006 à 14h43
Aussi, supprimes le contenu de ces dux fichier en gras :

D:\Documents and Settings\riesseg\Local Settings\Temporary Internet Files\Content.IE5
D:\WINDOWS\Temp

Voila.
Sinon, pour HijackThis :
http://www.zebulon.fr/articles/HijackThis.php

Tout est la.
Si tu as des questions, tu peux me les poser, sans problemes.
@+
répondre


PRODUITS

TÉLÉCHARGER - LOGICIELS

JEUX VIDÉOS

LOISIRS

01NET PRO

AVIS ET COMMENTAIRES

A PROPOS DE 01NET

Forum de 01net / Sécurité / Spyware Quake et Win32:dialer 520
publicité
> 01netPro :
Rubrique Formation
Actualités et dernières offres mises en ligne.

Service 01net
Newsletters 01net
abonnez vous gratuitement !
Actus
Voir le dernier numéro
Entreprise
Voir le dernier numéro
  
01Informatique
01 INFORMATIQUE
L'hebdo de référence des décideurs informatiques.
Micro Hebdo
MICRO HEBDO
L'hebdo qui vous simplifie la micro
et Internet.
L'Ordinateur Individuel
L'ORDINATEUR INDIVIDUEL
Le mensuel informatique qui vous informe et vous conseille.
Tous droits réservés © 1999 - 2009 Internext - 01net.