Bianconeri
Messages postés2Date d'inscriptiondimanche 30 avril 2006StatutMembreDernière intervention 1 mai 2006
-
1 mai 2006 à 10:08
bernie61 -
1 mai 2006 à 18:30
Et ben mon SINNAKA.A à moi il est coriace aussi...
J'ai Z.ALARM, VIRUS KEEPER 2006, SPYBOTS, A-SQUARED..rien n'y fait, je n'arrive pas à enlever le message pub..
Voilà mon JIJACK..
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: i-Nav IDN SearchHook - {CE000994-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O2 - BHO: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: i-Nav IDN Resolver - {CE000992-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O2 - BHO: Nothing - {edbf1bc8-39ab-48eb-a0a9-c75078eb7c8e} - C:\WINDOWS\system32\hp76BA.tmp
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [VirusKeeper] C:\Program Files\AxBx\VirusKeeper 2006 Pro\VirusKeeper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MoneyAgent] C:\Program Files\Microsoft Money\System\Money Express.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Aide i-Nav - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O9 - Extra 'Tools' menuitem: Aide i-Nav - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O9 - Extra button: (no name) - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O9 - Extra 'Tools' menuitem: Options i-Nav - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst20040510.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/hardwaredetection.cab
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega DownloadManager) - https://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: VeriSign Updater (navi) - VeriSign, Inc. - C:\Program Files\VeriSign\NAVI\naviagent.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
de plus il manque le début du rapport Hijack, à refaire après le scan ewido dont tu copie le rapport aussi ici
a+
Bianconeri
Messages postés2Date d'inscriptiondimanche 30 avril 2006StatutMembreDernière intervention 1 mai 2006 1 mai 2006 à 18:27
Voila ce que tu me demandes...
Logfile of HijackThis v1.99.1
Scan saved at 18:25:57, on 01/05/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: i-Nav IDN SearchHook - {CE000994-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O2 - BHO: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: i-Nav IDN Resolver - {CE000992-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O2 - BHO: Nothing - {edbf1bc8-39ab-48eb-a0a9-c75078eb7c8e} - C:\WINDOWS\system32\hp76BA.tmp
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [VirusKeeper] C:\Program Files\AxBx\VirusKeeper 2006 Pro\VirusKeeper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MoneyAgent] C:\Program Files\Microsoft Money\System\Money Express.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Aide i-Nav - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O9 - Extra 'Tools' menuitem: Aide i-Nav - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O9 - Extra button: (no name) - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O9 - Extra 'Tools' menuitem: Options i-Nav - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst20040510.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/hardwaredetection.cab
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega DownloadManager) - https://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: VeriSign Updater (navi) - VeriSign, Inc. - C:\Program Files\VeriSign\NAVI\naviagent.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Et avec EWIDO...
Name: TrackingCookie.247realmedia
Path: C:\Documents and Settings\Propriétaire\Cookies\propriétaire@247realmedia[1].txt
Risk: Medium
Name: Trojan.Fakealert
Path: [1632] C:\WINDOWS\system32\xenadot.dll
Risk: High
Name: TrackingCookie.247realmedia
Path: :mozilla.6:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.247realmedia
Path: :mozilla.7:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.8:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.9:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.10:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.11:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Adtech
Path: :mozilla.14:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Adtech
Path: :mozilla.15:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Falkag
Path: :mozilla.19:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Falkag
Path: :mozilla.20:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Falkag
Path: :mozilla.21:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Falkag
Path: :mozilla.22:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Falkag
Path: :mozilla.23:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Burstnet
Path: :mozilla.26:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Casalemedia
Path: :mozilla.29:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Casalemedia
Path: :mozilla.30:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Casalemedia
Path: :mozilla.31:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Com
Path: :mozilla.34:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Com
Path: :mozilla.35:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Estat
Path: :mozilla.51:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Questionmarket
Path: :mozilla.96:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: :mozilla.110:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Tradedoubler
Path: :mozilla.114:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Tradedoubler
Path: :mozilla.115:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Tribalfusion
Path: :mozilla.117:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Weborama
Path: :mozilla.119:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Weborama
Path: :mozilla.120:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Weborama
Path: :mozilla.121:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Adserver
Path: :mozilla.128:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Adserver
Path: :mozilla.129:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Yieldmanager
Path: :mozilla.133:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Yieldmanager
Path: :mozilla.134:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Yieldmanager
Path: :mozilla.135:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Yieldmanager
Path: :mozilla.136:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Googleadservices
Path: :mozilla.189:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Googleadservices
Path: :mozilla.190:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Googleadservices
Path: :mozilla.191:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Googleadservices
Path: :mozilla.192:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Smartadserver
Path: :mozilla.226:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Smartadserver
Path: :mozilla.227:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Smartadserver
Path: :mozilla.228:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: Trojan.Small
Path: C:\WINDOWS\system32\interf.tlb
Risk: High
Name: Downloader.Zlob.lx
Path: C:\WINDOWS\system32\ld7D4E.tmp
Risk: High
Name: Trojan.Fakealert
Path: C:\WINDOWS\system32\xenadot.dll
Risk: High
1 mai 2006 à 18:27
Logfile of HijackThis v1.99.1
Scan saved at 18:25:57, on 01/05/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\AxBx\VirusKeeper 2006 Pro\VirusKeeper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Microsoft Money\System\Money Express.exe
C:\Program Files\VeriSign\NAVI\naviagent.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Propriétaire\Bureau\Download\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: i-Nav IDN SearchHook - {CE000994-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O2 - BHO: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: i-Nav IDN Resolver - {CE000992-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O2 - BHO: Nothing - {edbf1bc8-39ab-48eb-a0a9-c75078eb7c8e} - C:\WINDOWS\system32\hp76BA.tmp
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [VirusKeeper] C:\Program Files\AxBx\VirusKeeper 2006 Pro\VirusKeeper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MoneyAgent] C:\Program Files\Microsoft Money\System\Money Express.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Aide i-Nav - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O9 - Extra 'Tools' menuitem: Aide i-Nav - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O9 - Extra button: (no name) - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O9 - Extra 'Tools' menuitem: Options i-Nav - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst20040510.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/hardwaredetection.cab
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega DownloadManager) - https://www.virginmega.fr/DownloadManager/Release/Prod/DownMan.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: VeriSign Updater (navi) - VeriSign, Inc. - C:\Program Files\VeriSign\NAVI\naviagent.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Et avec EWIDO...
Name: TrackingCookie.247realmedia
Path: C:\Documents and Settings\Propriétaire\Cookies\propriétaire@247realmedia[1].txt
Risk: Medium
Name: Trojan.Fakealert
Path: [1632] C:\WINDOWS\system32\xenadot.dll
Risk: High
Name: TrackingCookie.247realmedia
Path: :mozilla.6:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.247realmedia
Path: :mozilla.7:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.8:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.9:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.10:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.11:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Adtech
Path: :mozilla.14:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Adtech
Path: :mozilla.15:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Falkag
Path: :mozilla.19:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Falkag
Path: :mozilla.20:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Falkag
Path: :mozilla.21:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Falkag
Path: :mozilla.22:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Falkag
Path: :mozilla.23:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Burstnet
Path: :mozilla.26:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Casalemedia
Path: :mozilla.29:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Casalemedia
Path: :mozilla.30:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Casalemedia
Path: :mozilla.31:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Com
Path: :mozilla.34:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Com
Path: :mozilla.35:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Estat
Path: :mozilla.51:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Questionmarket
Path: :mozilla.96:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: :mozilla.110:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Tradedoubler
Path: :mozilla.114:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Tradedoubler
Path: :mozilla.115:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Tribalfusion
Path: :mozilla.117:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Weborama
Path: :mozilla.119:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Weborama
Path: :mozilla.120:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Weborama
Path: :mozilla.121:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Adserver
Path: :mozilla.128:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Adserver
Path: :mozilla.129:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Yieldmanager
Path: :mozilla.133:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Yieldmanager
Path: :mozilla.134:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Yieldmanager
Path: :mozilla.135:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Yieldmanager
Path: :mozilla.136:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Googleadservices
Path: :mozilla.189:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Googleadservices
Path: :mozilla.190:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Googleadservices
Path: :mozilla.191:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Googleadservices
Path: :mozilla.192:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Smartadserver
Path: :mozilla.226:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Smartadserver
Path: :mozilla.227:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Smartadserver
Path: :mozilla.228:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\gwoxkq3e.default\cookies.txt
Risk: Medium
Name: Trojan.Small
Path: C:\WINDOWS\system32\interf.tlb
Risk: High
Name: Downloader.Zlob.lx
Path: C:\WINDOWS\system32\ld7D4E.tmp
Risk: High
Name: Trojan.Fakealert
Path: C:\WINDOWS\system32\xenadot.dll
Risk: High