[Unwanted pop-ups] Annoying pop-ups
Closed
Altäriel (Member; 43 posts; registered Monday 17 July 2006; last activity 26 October 2006) - 17 Jul 2006 at 18:49
^^Marie^^ (Member; 113901 posts; registered Tuesday 6 September 2005; last activity 28 August 2020) - 17 Aug 2006 at 15:13
58 replies
Regis59 (Security contributor; 21143 posts; registered Tuesday 27 June 2006; last activity 22 June 2016) - 17 Jul 2006 at 19:18
Hi,
Download this (thanks to S!RI for this program):
http://siri.urz.free.fr/Fix/SmitfraudFix.zip
Run it: double-click Smitfraudfix.cmd and choose option 1; it will generate a report.
Copy/paste it into the thread, please.
----------------------------------------------------------------------------
See you
Altäriel (Member; 43 posts; registered Monday 17 July 2006; last activity 26 October 2006) - 17 Jul 2006 at 19:32
Hello again,
Norton is blocking the script, treating it as a threat; should I suspend Norton while I run the application?
Thanks for your replies,
Altäriel
Regis59 (Security contributor; 21143 posts; registered Tuesday 27 June 2006; last activity 22 June 2016) - 17 Jul 2006 at 20:04
Hi
Yes. It is not a threat at all, you can trust me.
See you
Altäriel (Member; 43 posts; registered Monday 17 July 2006; last activity 26 October 2006) - 18 Jul 2006 at 10:34
Hi,
There, I did as you told me, and I get this:
SmitFraudFix v2.73
Rapport fait à 10:28:25,69, 18/07/2006
Executé à partir de C:\Documents and Settings\your user name\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Fix executé en mode normal
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
C:\WINDOWS\system32\ishost.exe PRESENT !
C:\WINDOWS\system32\ismon.exe PRESENT !
C:\WINDOWS\system32\isnotify.exe PRESENT !
C:\WINDOWS\system32\issearch.exe PRESENT !
C:\WINDOWS\system32\ixt?.dll PRESENT !
C:\WINDOWS\system32\ixt??.dll PRESENT !
C:\WINDOWS\system32\ot.ico PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\your user name\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\YOURUS~1\Favoris
C:\DOCUME~1\YOURUS~1\Favoris\Antivirus Test Online.url PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"cinnamomum"="{93ac7c30-3878-4eaa-9420-7977285df5b1}"
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
I'm waiting for the next instructions :)
See you,
Altäriel
^^Marie^^ (Member; 113901 posts; registered Tuesday 6 September 2005; last activity 28 August 2020) - 18 Jul 2006 at 11:09
Hi,
To move forward,
NEXT
2°/ - Boot into safe mode:
To do that, tap the F8 key repeatedly, without stopping, as soon as the PC starts up.
A window will open; use the keyboard arrow keys to move to the safe mode option, then press 'Enter' on your keyboard.
Once on the desktop, if the colours and so on are not all there, that's normal!
(If F8 doesn't work, use the F5 key.)
3°/ - Run the Smitfraud program again,
This time choose option 2 and answer YES to everything;
Save the report, reboot in normal mode,
Copy-PASTE the saved report into the forum.
and do another HijackThis, thanks
See you
Altäriel (Member; 43 posts; registered Monday 17 July 2006; last activity 26 October 2006) - 18 Jul 2006 at 11:36
Hi,
Here is the Smitfraud report:
SmitFraudFix v2.73
Rapport fait à 11:27:45,79, 18/07/2006
Executé à partir de C:\Documents and Settings\your user name\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Fix executé en mode sans echec
»»»»»»»»»»»»»»»»»»»»»»»» Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"cinnamomum"="{93ac7c30-3878-4eaa-9420-7977285df5b1}"
»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri
C:\WINDOWS\system32\pmnqguh.dll -> Missing File
»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés
C:\WINDOWS\system32\ishost.exe supprimé
C:\WINDOWS\system32\ismon.exe supprimé
C:\WINDOWS\system32\isnotify.exe supprimé
C:\WINDOWS\system32\issearch.exe supprimé
C:\WINDOWS\system32\ixt?.dll supprimé
C:\WINDOWS\system32\ot.ico supprimé
C:\DOCUME~1\YOURUS~1\Favoris\Antivirus Test Online.url supprimé
»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires
»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre
Nettoyage terminé.
»»»»»»»»»»»»»»»»»»»»»»»» Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
And the HijackThis report:
Logfile of HijackThis v1.99.1
Scan saved at 11:34:20, on 18/07/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\AlienGUIse\wbload.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\CTSvcCDA.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wlancfg.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Ideazon\Zboard Software\Driver\ZboardTray.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\DOCUME~1\YOURUS~1\APPLIC~1\SSTEM~1\ping.exe
C:\Program Files\Ideazon\Zboard Software\Driver\Zboard.exe
C:\WINDOWS\system32\RACLE~1\TTRIB~1.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\your user name\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {F0586656-82E6-806C-CF3D-F6BAD8124EE0} - C:\WINDOWS\system32\bhqkan.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {F0586656-82E6-806C-CF3D-F6BAD8124EE0} - C:\WINDOWS\system32\bhqkan.dll (file missing)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RemoteCenter] C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Miom] "C:\DOCUME~1\YOURUS~1\APPLIC~1\SSTEM~1\ping.exe" -vt ndrv
O4 - HKCU\..\Run: [Rni] C:\WINDOWS\system32\RACLE~1\TTRIB~1.EXE
O4 - Startup: Moniteur & Configuration.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1123
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O20 - AppInit_DLLs: wbsys.dll C:\WINDOWS\system32\mmc.dll
O20 - Winlogon Notify: WB - C:\Program Files\AlienGUIse\fastload.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winjyp32 - C:\WINDOWS\SYSTEM32\winjyp32.dll
O20 - Winlogon Notify: Zboard - C:\WINDOWS\SYSTEM32\Winlognotif.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\WINDOWS\wlancfg.exe
Thanks for your help,
Altäriel
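A triage pass over a HijackThis log like the one posted above, as an added example (not part of the thread, and not code from HijackThis or SmitFraudFix). The three review heuristics and the Windows XP profile-path pattern are assumptions of this example; a hit marks a line to look at, not a verdict.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Constructed sample: a subset of lines copied from the HijackThis log above.
SAMPLE_LOG = r"""
Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\system32\winlogon.exe
R3 - URLSearchHook: (no name) - {F0586656-82E6-806C-CF3D-F6BAD8124EE0} - C:\WINDOWS\system32\bhqkan.dll (file missing)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {F0586656-82E6-806C-CF3D-F6BAD8124EE0} - C:\WINDOWS\system32\bhqkan.dll (file missing)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Miom] "C:\DOCUME~1\YOURUS~1\APPLIC~1\SSTEM~1\ping.exe" -vt ndrv
O20 - Winlogon Notify: winjyp32 - C:\WINDOWS\SYSTEM32\winjyp32.dll
"""

# Entry lines start with a section code (R0-R3, O1-O23) followed by " - ".
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
PATH_RE = re.compile(r'[A-Za-z]:\\[^"]*?\.(?:exe|dll|ocx)\b', re.I)
# Assumption: Windows XP profile root, in long or 8.3 short form.
PROFILE_RE = re.compile(r"^[A-Za-z]:\\(?:DOCUME~\d|Documents and Settings)\\", re.I)


@dataclass
class Entry:
    code: str             # section code, e.g. "O4"
    text: str             # rest of the line after "CODE - "
    clsid: Optional[str]  # upper-cased CLSID if the line carries one
    path: Optional[str]   # first file path found on the line
    missing: bool         # HijackThis appended "(file missing)"


def parse_log(log: str) -> list:
    """Return the R*/O* entries of a HijackThis log; other lines are skipped."""
    entries = []
    for line in log.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m:
            continue  # header or "Running processes" line
        code, text = m.groups()
        clsid = CLSID_RE.search(text)
        path = PATH_RE.search(text)
        entries.append(Entry(
            code=code,
            text=text,
            clsid=clsid.group(0).upper() if clsid else None,
            path=path.group(0) if path else None,
            missing=text.rstrip().endswith("(file missing)"),
        ))
    return entries


def triage(entries: list) -> dict:
    """Group entries under three review heuristics (assumptions of this example)."""
    hooks_per_clsid = {}
    for e in entries:
        if e.clsid:
            hooks_per_clsid.setdefault(e.clsid, set()).add(e.code)

    findings = {"orphaned": [], "clsid_in_several_hooks": [], "autorun_from_profile": []}
    for e in entries:
        # 1. Registry hook whose file is gone: leftover of a partial cleanup.
        if e.missing:
            findings["orphaned"].append(e)
        # 2. One CLSID registered under more than one hook type.
        if e.clsid and len(hooks_per_clsid[e.clsid]) > 1:
            findings["clsid_in_several_hooks"].append(e)
        # 3. Run-key entry that starts a binary stored inside a user profile.
        if e.code == "O4" and e.path and PROFILE_RE.match(e.path):
            findings["autorun_from_profile"].append(e)
    return findings


if __name__ == "__main__":
    for reason, hits in triage(parse_log(SAMPLE_LOG)).items():
        print(f"[{reason}]")
        for e in hits:
            print(f"  {e.code}: {e.text}")
```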
Regis59 (Security contributor; 21143 posts; registered Tuesday 27 June 2006; last activity 22 June 2016) - 18 Jul 2006 at 12:24
Hi
Ah, you should already be seeing some changes.
Download this
https://www.silentrunners.org/Silent%20Runners.vbs
Run it and wait a few minutes; it will then create a folder, in text format, right next to Silent Runners; copy/paste what it gives you
See you
Altäriel (Member; 43 posts; registered Monday 17 July 2006; last activity 26 October 2006) - 18 Jul 2006 at 12:33
Hi,
Yes, indeed the number of windows has already gone down :) .
I'm going to grab a bite and I'll do that afterwards,
See you in a bit,
Altäriel
Altäriel (Member; 43 posts; registered Monday 17 July 2006; last activity 26 October 2006) - 18 Jul 2006 at 12:48
Hello again,
After a good sandwich, and after running Silentrunners, I get this:
"Silent Runners.vbs", revision 46, https://www.silentrunners.org/
Operating System: Windows XP SP2
Output limited to non-default values, except where indicated by "{++}"
Startup items buried in registry:
---------------------------------
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\
"{98A97CBA-08A3-1036-0303-051116040021}" = ""C:\Program Files\Fichiers communs\{98A97CBA-08A3-1036-0303-051116040021}\Update.exe" mc-110-12-0000272" [null data]
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"CTFMON.EXE" = "C:\WINDOWS\system32\ctfmon.exe" [MS]
"RemoteCenter" = "C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE" ["Creative Technology Ltd"]
"Steam" = (empty string)
"MSMSGS" = ""C:\Program Files\Messenger\msmsgs.exe" /background" [MS]
"Miom" = ""C:\DOCUME~1\YOURUS~1\APPLIC~1\SSTEM~1\ping.exe" -vt ndrv" [null data]
"Rni" = "C:\WINDOWS\system32\RACLE~1\TTRIB~1.EXE" [null data]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\ {++}
"ZboardTray" = ""C:\Program Files\Ideazon\Zboard Software\Driver\ZboardTray.exe" /autolaunch" [empty string]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"CTHelper" = "CTHELPER.EXE" ["Creative Technology Ltd"]
"SunJavaUpdateSched" = "C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe" ["Sun Microsystems, Inc."]
"ccApp" = ""C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"" ["Symantec Corporation"]
"Symantec NetDriver Monitor" = "C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer" ["Symantec Corporation"]
"NvCplDaemon" = "RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup" [MS]
"nwiz" = "nwiz.exe /install" ["NVIDIA Corporation"]
"NvMediaCenter" = "RunDLL32.exe NvMCTray.dll,NvTaskbarInit" [MS]
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided)
-> {HKLM...CLSID} = "AcroIEHlprObj Class"
\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx" [empty string]
{53707962-6F74-2D53-2644-206D7942484F}\(Default) = (no title provided)
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\PROGRA~1\SPYBOT~1\SDHelper.dll" ["Safer Networking Limited"]
{BDF3E430-B101-42AD-A544-FADC6B084872}\(Default) = "NAV Helper"
-> {HKLM...CLSID} = "CNavExtBho Class"
\InProcServer32\(Default) = "C:\Program Files\Norton AntiVirus\NavShExt.dll" ["Symantec Corporation"]
{F0586656-82E6-806C-CF3D-F6BAD8124EE0}\(Default) = (no title provided)
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\system32\bhqkan.dll" [file not found]
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Extension Affichage Panorama du Panneau de configuration"
-> {HKLM...CLSID} = "Extension Affichage Panorama du Panneau de configuration"
\InProcServer32\(Default) = "deskpan.dll" [file not found]
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Extension icône HyperTerminal"
-> {HKLM...CLSID} = "HyperTerminal Icon Ext"
\InProcServer32\(Default) = "C:\WINDOWS\system32\hticons.dll" ["Hilgraeve, Inc."]
"{640167b4-59b0-47a6-b335-a6b3c0695aea}" = "Portable Media Devices"
-> {HKLM...CLSID} = "Portable Media Devices"
\InProcServer32\(Default) = "C:\WINDOWS\system32\Audiodev.dll" [MS]
"{cc86590a-b60a-48e6-996b-41d25ed39a1e}" = "Portable Media Devices Menu"
-> {HKLM...CLSID} = "Portable Media Devices Menu"
\InProcServer32\(Default) = "C:\WINDOWS\system32\Audiodev.dll" [MS]
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
"{A70C977A-BF00-412C-90B7-034C51DA2439}" = "NvCpl DesktopContext Class"
-> {HKLM...CLSID} = "DesktopContext Class"
\InProcServer32\(Default) = "C:\WINDOWS\system32\nvcpl.dll" ["NVIDIA Corporation"]
"{FFB699E0-306A-11d3-8BD1-00104B6F7516}" = "Play on my TV helper"
-> {HKLM...CLSID} = "NVIDIA CPL Extension"
\InProcServer32\(Default) = "C:\WINDOWS\system32\nvcpl.dll" ["NVIDIA Corporation"]
"{1CDB2949-8F65-4355-8456-263E7C208A5D}" = "Desktop Explorer"
-> {HKLM...CLSID} = "Desktop Explorer"
\InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"]
"{1E9B04FB-F9E5-4718-997B-B8DA88302A47}" = "Desktop Explorer Menu"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"]
"{1E9B04FB-F9E5-4718-997B-B8DA88302A48}" = "nView Desktop Context Menu"
-> {HKLM...CLSID} = "nView Desktop Context Menu"
\InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"]
"{21569614-B795-46b1-85F4-E737A8DC09AD}" = "Shell Search Band"
-> {HKLM...CLSID} = "Shell Search Band"
\InProcServer32\(Default) = "C:\WINDOWS\system32\browseui.dll" [MS]
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\
INFECTION WARNING! "AppInit_DLLs" = "wbsys.dll C:\WINDOWS\system32\mmc.dll" ["Stardock.Net, Inc"]
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
INFECTION WARNING! WB\DLLName = "C:\Program Files\AlienGUIse\fastload.dll" ["Stardock"]
INFECTION WARNING! WgaLogon\DLLName = "WgaLogon.dll" [MS]
INFECTION WARNING! winjyp32\DLLName = "winjyp32.dll" [null data]
INFECTION WARNING! Zboard\DLLName = "Winlognotif.dll" [null data]
HKLM\Software\Classes\*\shellex\ContextMenuHandlers\
Symantec.Norton.Antivirus.IEContextMenu\(Default) = "{5345A4D5-41EB-4A2F-9616-CE1D4F6C35B2}"
-> {HKLM...CLSID} = "IEContextMenu Class"
\InProcServer32\(Default) = "C:\Program Files\Norton AntiVirus\NavShExt.dll" ["Symantec Corporation"]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\
Symantec.Norton.Antivirus.IEContextMenu\(Default) = "{5345A4D5-41EB-4A2F-9616-CE1D4F6C35B2}"
-> {HKLM...CLSID} = "IEContextMenu Class"
\InProcServer32\(Default) = "C:\Program Files\Norton AntiVirus\NavShExt.dll" ["Symantec Corporation"]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
Active Desktop and Wallpaper:
-----------------------------
Active Desktop is disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState
HKCU\Control Panel\Desktop\
"Wallpaper" = "C:\Documents and Settings\your user name\Local Settings\Application Data\Microsoft\Wallpaper1.bmp"
Enabled Screen Saver:
---------------------
HKCU\Control Panel\Desktop\
"SCRNSAVE.EXE" = "C:\WINDOWS\system32\ssstars.scr" [MS]
Startup items in "your user name" & "All Users" startup folders:
----------------------------------------------------------------
C:\Documents and Settings\your user name\Menu Démarrer\Programmes\Démarrage
"Moniteur & Configuration" -> shortcut to: "C:\Program Files\802.11 Wireless LAN\WlanMonitor.exe" ["ATMEL"]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
"Adobe Gamma Loader" -> shortcut to: "C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe" ["Adobe Systems, Inc."]
Enabled Scheduled Tasks:
------------------------
"Symantec NetDetect" -> launches: "C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE" ["Symantec Corporation"]
Winsock2 Service Provider DLLs:
-------------------------------
Namespace Service Providers
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
Transport Service Providers
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 23
%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05
Toolbars, Explorer Bars, Extensions:
------------------------------------
Toolbars
HKCU\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\
"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}"
-> {HKLM...CLSID} = "Norton AntiVirus"
\InProcServer32\(Default) = "C:\Program Files\Norton AntiVirus\NavShExt.dll" ["Symantec Corporation"]
HKLM\Software\Microsoft\Internet Explorer\Toolbar\
"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" = "Norton AntiVirus"
-> {HKLM...CLSID} = "Norton AntiVirus"
\InProcServer32\(Default) = "C:\Program Files\Norton AntiVirus\NavShExt.dll" ["Symantec Corporation"]
Extensions (Tools menu items, main toolbar menu buttons)
HKLM\Software\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\
"MenuText" = "Console Java (Sun)"
"CLSIDExtension" = "{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}"
-> {HKLM...CLSID} = "Java Plug-in 1.5.0_04"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll" ["Sun Microsystems, Inc."]
{FB5F1910-F110-11D2-BB9E-00C04F795683}\
"ButtonText" = "Messenger"
"MenuText" = "Windows Messenger"
"Exec" = "C:\Program Files\Messenger\msmsgs.exe" [MS]
Miscellaneous IE Hijack Points
------------------------------
C:\WINDOWS\INF\IERESET.INF (used to "Reset Web Settings")
Added lines (compared with English-language version):
[Strings]: SAFESITE_VALUE="https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fhome.microsoft.com%2fintl%2ffr%2f%3f"
Missing lines (compared with English-language version):
[Strings]: 1 line
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\
"{F0586656-82E6-806C-CF3D-F6BAD8124EE0}" = (no title provided)
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\system32\bhqkan.dll" [file not found]
Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------
Creative Service for CDROM Access, Creative Service for CDROM Access, "C:\WINDOWS\system32\CTSvcCDA.EXE" ["Creative Technology Ltd"]
HTTP SSL, HTTPFilter, "C:\WINDOWS\System32\svchost.exe -k HTTPFilter" {"C:\WINDOWS\System32\w3ssl.dll" [MS]}
NVIDIA Display Driver Service, NVSvc, "C:\WINDOWS\system32\nvsvc32.exe" ["NVIDIA Corporation"]
SAVScan, SAVScan, ""C:\Program Files\Norton AntiVirus\SAVScan.exe"" ["Symantec Corporation"]
Service de lancement de WlanCfg, Wlancfg, "C:\WINDOWS\wlancfg.exe SVC" ["Inventel"]
Service Norton AntiVirus Auto-Protect, navapsvc, ""C:\Program Files\Norton AntiVirus\navapsvc.exe"" ["Symantec Corporation"]
Symantec Event Manager, ccEvtMgr, ""C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe"" ["Symantec Corporation"]
Symantec Settings Manager, ccSetMgr, ""C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe"" ["Symantec Corporation"]
SymWMI Service, SymWSC, ""C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe"" ["Symantec Corporation"]
Windows User Mode Driver Framework, UMWdf, "C:\WINDOWS\system32\wdfmgr.exe" [MS]
WMDM PMSP Service, WMDM PMSP Service, "C:\WINDOWS\system32\MsPMSPSv.exe" [MS]
----------
+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ To search all directories of local fixed drives for DESKTOP.INI
DLL launch points and all Registry CLSIDs for dormant Explorer Bars,
use the -supp parameter or answer "No" at the first message box.
---------- (total run time: 34 seconds, including 18 seconds for message boxes)
See you,
Altä
Regis59 (Security contributor) - 18 Jul 2006 at 18:30
Hi,
That's all heavily infected.
Download the trial version of Ewido:
https://www.avg.com/en-ww/homepage
Install it and update it.
Important: during installation, on the "Additional Options" page, untick the two options "Install background guard" and "Install scan via context menu".
Start Ewido using the icon on your Desktop. Click Update, wait for the update to finish, then close the program.
Restart in Safe Mode (at startup, tap the F8 key right away; you will then see a screen with a choice of boot options: select "Safe Mode" with the arrow keys, then confirm with "Enter"). Choose your usual account (not Administrator). Run Ewido again and click Scanner, then Complete System Scan.
If infected files are found, keep the default option Remove (with the line "Create encrypted backup copies in the quarantine" ticked), and tick "Perform this action with all infections".
When the scan finishes, save the report (File/Save as...) to the Desktop. Restart in normal mode.
PS: Was the snack good? lol
Altäriel (Member) - 18 Jul 2006 at 20:42
Hi,
Is it serious, doctor? :s
* Panic *
I'll do all that tomorrow morning; unfortunately I don't have time tonight :( ..
Thanks for your help,
Altä
PS: yeah, really good, thanks. lol
Regis59 (Security contributor) - 18 Jul 2006 at 23:02
Hi again,
You are infected, but we'll get through it, don't worry :-)
Come back as soon as you can, and above all don't eat too much lol
See you
Altäriel (Member) - 19 Jul 2006 at 09:50
Hi,
Two small things: first, the link to the FR page doesn't work, so I downloaded from the English page.
Second, I didn't see an "Additional options" page during installation ..
Thanks in advance
See you soon,
Altä
Altäriel (Member) - 19 Jul 2006 at 14:15
Hi again,
Sorry for the double post, but I've just noticed that some programs have just appeared out of nowhere:
Tclock.exe
Inetget2
and ipwins
That's it, thanks for your help,
Altä
Regis59 (Security contributor) - 19 Jul 2006 at 16:33
Hi,
Those are infectious items.
For Ewido, install this:
http://perso.orange.fr/entraide-hijackthis/Ewido/
Scan your PC with it and delete everything it finds!
See you
Altäriel (Member) - 19 Jul 2006 at 17:57
Hi again,
OK, I ran a scan with Ewido (I was not in Safe Mode); it detected two high-level threats but reports "error while deleting":
Trojan.Starter.65 and Downloader.PurityScan.co.
Here is the report:
---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------
+ Created at: 17:52:39 19/07/2006
+ Scan result:
HKU\S-1-5-21-1708537768-1644491937-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{56F1D444-11BF-4879-A12B-79CF0177F038} -> Adware.180Solutions : Cleaned.
C:\Documents and Settings\your user name\Application Data\sуstem\ping.exe -> Downloader.PurityScan.co : Cleaned.
C:\Documents and Settings\your user name\Local Settings\Temporary Internet Files\Content.IE5\0J7MUVH8\!update-4095[1].0000 -> Downloader.PurityScan.co : Cleaned.
[2424] C:\DOCUME~1\YOURUS~1\APPLIC~1\SSTEM~1\ping.exe -> Downloader.PurityScan.co : Error during cleaning.
C:\WINDOWS\system32\components\flx4.dll -> Not-A-Virus.Hoax.Win32.Renos.dw : Cleaned with backup (quarantined).
:mozilla.49:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.50:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.51:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.52:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.53:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.265:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.266:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.267:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.268:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.269:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.270:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.271:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.272:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.273:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.274:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.275:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.276:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.277:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.561:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.638:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\your user name\Cookies\your user name@112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\your user name\Cookies\your user name@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.228:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.283:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\your user name\Cookies\your user name@adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.806:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.807:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.299:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.795:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.796:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.797:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.798:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.27:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.34:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.154:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.155:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.156:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.157:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.158:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.62:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\your user name\Cookies\your user name@install.bestoffersnetworks[2].txt -> TrackingCookie.Bestoffersnetworks : Cleaned.
:mozilla.42:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\your user name\Cookies\your user name@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.858:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned.
:mozilla.330:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.859:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\your user name\Cookies\your user name@cz7.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.345:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.346:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Com : Cleaned.
C:\Program Files\Fichiers communs\{98A97CBA-08A3-1036-0303-051116040021}\Update.exe -> Trojan.Starter.65 : Cleaned.
[2336] C:\Program Files\Fichiers communs\{98A97CBA-08A3-1036-0303-051116040021}\Update.exe -> Trojan.Starter.65 : Error during cleaning.
::Report end
* Major panic *
Please tell me what I should do now, I'm on the verge of a "nervous breakdown" lol.
See you later,
Altä
OK, I ran a scan with Ewido (I was not in safe mode); it detected two high-level threats, but it reports "error while deleting":
Trojan.Starter.65 and Downloader.PurityScan.co.
Here is the report:
---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------
+ Created at: 17:52:39 19/07/2006
+ Scan result:
HKU\S-1-5-21-1708537768-1644491937-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{56F1D444-11BF-4879-A12B-79CF0177F038} -> Adware.180Solutions : Cleaned.
C:\Documents and Settings\your user name\Application Data\sуstem\ping.exe -> Downloader.PurityScan.co : Cleaned.
C:\Documents and Settings\your user name\Local Settings\Temporary Internet Files\Content.IE5\0J7MUVH8\!update-4095[1].0000 -> Downloader.PurityScan.co : Cleaned.
[2424] C:\DOCUME~1\YOURUS~1\APPLIC~1\SSTEM~1\ping.exe -> Downloader.PurityScan.co : Error during cleaning.
C:\WINDOWS\system32\components\flx4.dll -> Not-A-Virus.Hoax.Win32.Renos.dw : Cleaned with backup (quarantined).
:mozilla.43:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.44:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.45:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.46:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.47:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.744:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.182:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.183:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.184:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.185:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.186:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.187:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.188:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.189:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.190:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.191:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.192:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.193:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.194:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.195:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.196:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.197:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.198:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.199:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.738:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.739:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.23:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.24:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.25:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.26:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
C:\Documents and Settings\your user name\Cookies\your user name@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.576:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Spylog : Cleaned.
:mozilla.579:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.580:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.581:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.582:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.583:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.584:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.585:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.586:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.587:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.588:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.599:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.600:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.100:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.101:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.97:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.98:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.99:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
C:\Documents and Settings\your user name\Cookies\your user name@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.231:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.95:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.96:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.140:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.141:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.142:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
C:\Documents and Settings\your user name\Cookies\your user name@weborama[2].txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.232:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.654:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Yadro : Cleaned.
:mozilla.663:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.664:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.665:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.163:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.164:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.165:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.166:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.168:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.169:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.170:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.171:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.172:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.173:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\your user name\Cookies\your user name@zedo[2].txt -> TrackingCookie.Zedo : Cleaned.
C:\Program Files\Fichiers communs\{98A97CBA-08A3-1036-0303-051116040021}\Update.exe -> Trojan.Starter.65 : Cleaned.
[2336] C:\Program Files\Fichiers communs\{98A97CBA-08A3-1036-0303-051116040021}\Update.exe -> Trojan.Starter.65 : Error during cleaning.
::Report end
* Major panic *
Please tell me what I should do now, I'm on the verge of a "nervous breakdown" lol.
See you,
Altä
Regis59 (Security contributor), 19 Jul 2006 at 18:54
Hi
Lol, a good deal of cleaning has already been done.
Post a new HijackThis log.
See you
Altäriel (Member), 19 Jul 2006 at 19:29
Hi,
OK, here is the HijackThis log:
Logfile of HijackThis v1.99.1
Scan saved at 19:29:27, on 19/07/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AlienGUIse\wbload.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\CTSvcCDA.EXE
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wlancfg.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Ideazon\Zboard Software\Driver\ZboardTray.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\ipwins\ipwins.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\RACLE~1\TTRIB~1.EXE
C:\Program Files\Ideazon\Zboard Software\Driver\Zboard.exe
C:\Program Files\TClock\TClock.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\your user name\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {F0586656-82E6-806C-CF3D-F6BAD8124EE0} - C:\WINDOWS\system32\bhqkan.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {F0586656-82E6-806C-CF3D-F6BAD8124EE0} - C:\WINDOWS\system32\bhqkan.dll (file missing)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [IpWins] C:\Program Files\ipwins\ipwins.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RemoteCenter] C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Rni] C:\WINDOWS\system32\RACLE~1\TTRIB~1.EXE
O4 - HKCU\..\Run: [TClock.exe] C:\Program Files\TClock\tclock_install.exe
O4 - Startup: Moniteur & Configuration.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1123
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O20 - AppInit_DLLs: wbsys.dll C:\WINDOWS\system32\mmc.dll
O20 - Winlogon Notify: WB - C:\Program Files\AlienGUIse\fastload.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winjyp32 - C:\WINDOWS\SYSTEM32\winjyp32.dll
O20 - Winlogon Notify: Zboard - C:\WINDOWS\SYSTEM32\Winlognotif.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\WINDOWS\wlancfg.exe
Thanks for your help and support,
See you soon,
Altä
Regis59 (Security contributor), 19 Jul 2006 at 22:33
Hello,
Procedure to follow, in order...
----------------------------------------------------------------------------
¤ Download these programs, but don't use them right away:
1/
Spybot S&D 1.4
https://www.safer-networking.org/
Usage demo (thanks to Balltrap34 for making it).
http://pageperso.aol.fr/Balltrap34/demo%20spybot.htm
2/
Ad-Aware SE 1.06
https://www.adaware.com/
- A guide:
http://usa.lucretius-ada.com/zcvisitor/8782d344-4821-11ea-83ce-0a2cdf2c6be7?campaignid=0d1dff40-82d7-11e9-9533-0a157bfa6bfc
- Install the French language patch, which you can find here:
http://download.lavasoft.de.edgesuite.net/public/pllangs.exe
and a short usage video here (thanks to Moe31 for making it):
http://pageperso.aol.fr/balltrap34/adawrevid.asf
4/ CCleaner:
https://www.pcastuces.com/logitheque/ccleaner.htm
----------------------------------------------------------------------------
¤ Show all files and folders:
Click Start / Control Panel / Tools / Folder Options / View
Check "Show hidden files and folders"
Uncheck "Hide protected operating system files (Recommended)"
Uncheck "Hide extensions for known file types"
Then click "OK" to confirm the changes.
And Apply!
----------------------------------------------------------------------------
¤ Run HijackThis again, tick the boxes in front of these lines, then click "Fix checked":
R3 - URLSearchHook: (no name) - {F0586656-82E6-806C-CF3D-F6BAD8124EE0} - C:\WINDOWS\system32\bhqkan.dll (file missing)
O2 - BHO: (no name) - {F0586656-82E6-806C-CF3D-F6BAD8124EE0} - C:\WINDOWS\system32\bhqkan.dll (file missing)
O4 - HKLM\..\Run: [IpWins] C:\Program Files\ipwins\ipwins.exe
O20 - Winlogon Notify: winjyp32 - C:\WINDOWS\SYSTEM32\winjyp32.dll
----------------------------------------------------------------------------
¤ Boot into Safe Mode:
To do so, tap the F8 key repeatedly, without stopping, from the moment the PC starts up.
A menu will open; use the arrow keys to move to Safe Mode, then press Enter.
Once on the desktop, if not all the colors and so on are there, that is normal!
(If F8 doesn't work, use the F5 key.)
----------------------------------------------------------------------------
¤ Find and delete this:
careful, only the files (if present).
C:\Program Files\ipwins
----------------------------------------------------------------------------
¤ Launch Ewido, run a full scan, and copy/paste the report to the forum.
----------------------------------------------------------------------------
¤ Run Ad-Aware and delete everything it finds + delete the quarantined items…
----------------------------------------------------------------------------
¤ Run Spybot and fix everything it finds + immunize + delete the quarantined items…
-------------------------------------------------------------------------------------------
¤ Run CCleaner.
Deleting temporary files
Go to the "Options" section in the left margin. Go to "Advanced" and uncheck "Only delete files in Windows Temp folders older than 48 hours". Then return to the "Cleaner" section.
Make sure to check all the boxes in the left margin (Internet Explorer/Windows Explorer/System/Advanced)
• Click Analyze
• Wait for the scan to finish; it may take a while the first time.
• Once the scan is complete, click Run Cleaner
Fixing registry inconsistencies
• Click the Issues icon in the left margin.
• Then click Scan for Issues
• Wait while CCleaner scans your registry.
• Once the scan is complete, check all the entries it found.
• You can then click Fix selected issues.
If you are not sure of what you are doing, you can choose to back up the checked entries so you can restore them later.
----------------------------------------------------------------------------
¤ Empty your Recycle Bin.
----------------------------------------------------------------------------
¤ Reboot in normal mode, run HijackThis again, and copy/paste a new report to the forum.
Describe any problems that remain....
Keep me posted
See you
Altäriel
Posts: 43
Registered: Monday 17 July 2006
Status: Member
Last activity: 26 October 2006
20 Jul 2006 at 12:22
Hi,
I did everything you told me to,
here is the Ewido report:
---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------
+ Created at: 11:51:36 20/07/2006
+ Scan result:
C:\Documents and Settings\your user name\Application Data\sуstem\ping.exe -> Downloader.PurityScan.co : Cleaned.
C:\Documents and Settings\your user name\Local Settings\Temp\!update.exe -> Downloader.PurityScan.co : Cleaned.
C:\Documents and Settings\your user name\Local Settings\Temporary Internet Files\Content.IE5\183B9GHJ\!update-4095[1].0000 -> Downloader.PurityScan.co : Cleaned.
:mozilla.10:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.11:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.12:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.13:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.14:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.19:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.20:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.21:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.25:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.22:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.71:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.6:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.7:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.8:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.18:C:\Documents and Settings\your user name\Application Data\Mozilla\Firefox\Profiles\56fybc5a.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\your user name\Cookies\your user name@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned.
::Report end
And the HijackThis log:
Logfile of HijackThis v1.99.1
Scan saved at 12:19:59, on 20/07/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\AlienGUIse\wbload.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\CTSvcCDA.EXE
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wlancfg.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Ideazon\Zboard Software\Driver\ZboardTray.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\RACLE~1\TTRIB~1.EXE
C:\Program Files\Ideazon\Zboard Software\Driver\Zboard.exe
C:\Program Files\TClock\TClock.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\Documents and Settings\your user name\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RemoteCenter] C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Rni] C:\WINDOWS\system32\RACLE~1\TTRIB~1.EXE
O4 - HKCU\..\Run: [TClock.exe] C:\Program Files\TClock\tclock_install.exe
O4 - Startup: Moniteur & Configuration.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1123
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O20 - AppInit_DLLs: wbsys.dll C:\WINDOWS\system32\mmc.dll
O20 - Winlogon Notify: WB - C:\Program Files\AlienGUIse\fastload.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winjyp32 - C:\WINDOWS\SYSTEM32\winjyp32.dll
O20 - Winlogon Notify: Zboard - C:\WINDOWS\SYSTEM32\Winlognotif.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\WINDOWS\wlancfg.exe
I hope we're nearly there.
Otherwise, I still see Tclock.exe.
Thanks for everything,
See you soon :)
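A follow-up HijackThis log like the one above can be checked against the fix list mechanically. The Python below is an added example, not part of the original posts: it parses HijackThis entry lines and reports which of the four lines Regis59 asked to fix still appear in the 20/07/2006 log. The function names are illustrative, and both inputs are excerpts copied from the thread.

```python
import re

# A HijackThis entry is "<section> - <details>", e.g. "O20 - Winlogon Notify: ...".
ENTRY_RE = re.compile(r"^([RFNO]\d{1,2}) - (.+)$")


def normalize(details):
    """Case-fold, collapse whitespace and drop the '(file missing)' marker so an
    entry matches whether or not its file was on disk at scan time."""
    details = re.sub(r"\s*\(file missing\)\s*$", "", details.strip(), flags=re.I)
    return re.sub(r"\s+", " ", details).lower()


def parse_entries(log_text):
    """Return {(section, normalized details)} for each entry line. Headers and
    the running-process list do not match ENTRY_RE and are skipped."""
    entries = set()
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.add((m.group(1), normalize(m.group(2))))
    return entries


def still_present(fix_lines, followup_log):
    """Return the fix-list lines that still appear in the follow-up log."""
    remaining = parse_entries(followup_log)
    result = []
    for line in fix_lines.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m and (m.group(1), normalize(m.group(2))) in remaining:
            result.append(line.strip())
    return result


# The four lines the helper asked to fix (copied from the thread).
FIX_LINES = r"""
R3 - URLSearchHook: (no name) - {F0586656-82E6-806C-CF3D-F6BAD8124EE0} - C:\WINDOWS\system32\bhqkan.dll (file missing)
O2 - BHO: (no name) - {F0586656-82E6-806C-CF3D-F6BAD8124EE0} - C:\WINDOWS\system32\bhqkan.dll (file missing)
O4 - HKLM\..\Run: [IpWins] C:\Program Files\ipwins\ipwins.exe
O20 - Winlogon Notify: winjyp32 - C:\WINDOWS\SYSTEM32\winjyp32.dll
"""

# Excerpt of the 20/07/2006 follow-up log (copied from the thread, shortened).
FOLLOWUP_EXCERPT = r"""
Running processes:
C:\WINDOWS\system32\winlogon.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKCU\..\Run: [Rni] C:\WINDOWS\system32\RACLE~1\TTRIB~1.EXE
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winjyp32 - C:\WINDOWS\SYSTEM32\winjyp32.dll
"""

if __name__ == "__main__":
    for entry in still_present(FIX_LINES, FOLLOWUP_EXCERPT):
        print("still present:", entry)
```

On this excerpt it returns only the winjyp32 Winlogon Notify line; the bhqkan.dll and IpWins entries no longer appear.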