Sujet Précédent Sujet Suivant

Mon pc devien trés lent

tropdlabell Messages postés 27 Statut Membre -  
green day Messages postés 26722 Statut Modérateur, Contributeur sécurité -
slt a tt le monde mon PC devient parfois tres lent ,
ma config est la suivante :
Logfile of HijackThis v1.99.1
Scan saved at 0:37:59, on 29/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\LEXBCES.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\LEXPPS.EXE
D:\WINDOWS\system32\igfxtray.exe
D:\WINDOWS\system32\hkcmd.exe
D:\WINDOWS\vsnpstd3.exe
D:\Program Files\MSN Messenger\msnmsgr.exe
d:\progra~1\intern~1\iexplore.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\explorer.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Internet Explorer\iexplore.exe
C:\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
O1 - Hosts: "http://www.w3.org/TR/html4/loose.dtd">
O1 - Hosts: <html>
O1 - Hosts: <head>
O1 - Hosts: <script LANGUAGE="JavaScript">
O1 - Hosts: <!--
O1 - Hosts: if (window != top)
O1 - Hosts: top.location.href = location.href;
O1 - Hosts: // -->
O1 - Hosts: </script>
O1 - Hosts: <title>Site Unavailable</title>
O1 - Hosts: <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
O1 - Hosts: <style type="text/css">
O1 - Hosts: body{text-align:center;}
O1 - Hosts: .geohead {font-family:Verdana, Arial, Helvetica, sans-serif; font-size:10px;width:750px;margin:10px 0 10px 0;height:35px;}
O1 - Hosts: .geohead #geologo {width:270px;display:block; float:left; }
O1 - Hosts: .geohead #rightside {width:480px;display:block; float:right;border-bottom:1px solid #999999; height:27px;}
O1 - Hosts: .geohead #rightside #welcome {width:50%;display:block; float:left; text-align:left;}
O1 - Hosts: .geohead #rightside #wlinks {width:50%;display:block; float:right; text-align:right;}
O1 - Hosts: .ftr { margin:0px; color:#404040; font:x-small Arial,sans-serif; text-align:center; width:750px;}
O1 - Hosts: .bodywrap{display:block;height:470px;}
O1 - Hosts: .bodycnt{width:510px; display:block; float:left; background-color:#EEE9F5; height:auto; text-align:left; font-family:Arial, Helvetica, sans-serif;font-size:13px; color:#000000; padding:20px 20px 35px 20px;}
O1 - Hosts: .title { font-family:Arial, Helvetica, sans-serif; font-weight:bold; font-size:24px; color:#7C56A9}
O1 - Hosts: .adcnt{width:172px; display:block; float:right; text-align:left;cursor:pointer;cursor:hand;}
O1 - Hosts: .adcnt td {text-align:left;}
O1 - Hosts: .adsubt{font-size:10px; font-family:verdana; font-weight:bold; color:#b4b4b4; cursor:default;margin-top:5px;}
O1 - Hosts: .ybadge { font-family: Verdana, Arial, Helvetica, sans-serif; font-size:10px; color: #666666; margin-top:10px;}
O1 - Hosts: .ybadge img {margin-top:6px;}
O1 - Hosts: .adtable {font-family:Verdana, Arial, Helvetica, sans-serif; font-size:10px;border: 1px solid #d6dbe7; background-color:#eff7ff; padding:3px; margin-bottom:10px; width:172px;}
O1 - Hosts: .adttl{font-weight:bold;margin-bottom:3px;}
O1 - Hosts: .addescr{color:#6b6b6b; margin-bottom:3px;}
O1 - Hosts: .adlink a {color:#008200; text-decoration:none;}
O1 - Hosts: </style>
O1 - Hosts: </head>
O1 - Hosts: <body>
O1 - Hosts: <!-- following code added by server. PLEASE REMOVE -->
O1 - Hosts: <!-- preceding code added by server. PLEASE REMOVE -->
O1 - Hosts: <div id="maincnt">
O1 - Hosts: <div class="geohead"><div id="geologo"><a href="https://smallbusiness.yahoo.com/"><img height=33 alt="Yahoo! GeoCities" src="http://us.i1.yimg.com/us.yimg.com/i/us/nt/ma/ma_geo_1.gif" width=259 border=0></a></div>
O1 - Hosts: <div id="rightside"><div id="wlinks"><a href="https://smallbusiness.yahoo.com/">GeoCities Home</a> - <a href="https://fr.yahoo.com/?p=us">Yahoo!</a> - <a href="https://help.yahoo.com/kb/account">Help</a></div>
O1 - Hosts: </div></div>
O1 - Hosts: <div class="bodywrap">
O1 - Hosts: <div class="bodycnt">
O1 - Hosts: <div class="title">Sorry, this GeoCities site is currently unavailable.</div>
O1 - Hosts: <p>The GeoCities web site you were trying to view has temporarily exceeded its data transfer limit. Please try again later. </p>
O1 - Hosts: <p>Are you the site owner?
O1 - Hosts: Avoid service interruptions in the future by increasing your data transfer limit!
O1 - Hosts: <a href="https://help.yahoo.com/kb/account" target="_blank">Find out how.</a> </p>
O1 - Hosts: <p><a href="https://help.yahoo.com/kb/account" target="_blank">Learn more about data transfer.</a></p>
O1 - Hosts: </div>
O1 - Hosts: <div class="adcnt">
O1 - Hosts: <a target="_top" href="https://smallbusiness.yahoo.com/"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/smbiz/b/geo_mast_small2.gif" alt="Yahoo! GeoCities" border="0" height="15" hspace="0" vspace="0" width="141"></a>
O1 - Hosts: <div class="adsubt">SPONSORED LINKS</div>
O1 - Hosts: <!--<table width="172" border="0" bgcolor="#FFFFFF" class="adtable"><tr><td align=left>-->
O1 - Hosts: <div class="adtable">
O1 - Hosts: <div class="adttl" title="Reliable plans include domain & 24x7 support."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=27166/*https://smallbusiness.yahoo.com/hosting" target="_blank">Yahoo! Web Hosting<br>
O1 - Hosts: $25 Setup Waived</a></div>
O1 - Hosts: <div class="addescr" title="Reliable plans include domain & 24x7 support.">Reliable plans include domain & 24x7 support.</div>
O1 - Hosts: <div class="adlink" title="Reliable plans include domain & 24x7 support."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=27166/*https://smallbusiness.yahoo.com/hosting" target="_blank">webhosting.yahoo.com</a></div>
O1 - Hosts: </div>
O1 - Hosts: <div class="adtable">
O1 - Hosts: <div class="adttl" title="Reliable plans include domain & 24x7 support."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=27176/*https://smallbusiness.yahoo.com/domains" target="_blank">Domain Names from Yahoo! only $9.95/yr</a></div>
O1 - Hosts: <div class="addescr" title="Includes starter web page, email & domain forwarding, 24x7 support.">Includes starter web page, email & domain forwarding, 24x7 support.</div>
O1 - Hosts: <div class="adlink" title="Includes starter web page, email & domain forwarding, 24x7 support."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=27176/*https://smallbusiness.yahoo.com/domains" target="_blank">domains.yahoo.com</a></div>
O1 - Hosts: </div>
O1 - Hosts: <div class="adtable">
O1 - Hosts: <div class="adttl" title="Setup fee waived. Up to 10 emails, SpamGuard, forwarding & virus scanning."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=27184/*https://smallbusiness.yahoo.com/mail" target="_blank">Yahoo! Business Email<br> Domain Included</a></div>
O1 - Hosts: <div class="addescr" title="Setup fee waived. Up to 10 emails, SpamGuard, forwarding & virus scanning.">Setup fee waived. Up to 10 emails, SpamGuard, forwarding & virus scanning.</div>
O1 - Hosts: <div class="adlink" title="Setup fee waived. Up to 10 emails, SpamGuard, forwarding & virus scanning."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=27184/*https://smallbusiness.yahoo.com/mail" target="_blank">smallbusiness.yahoo.com</a></div>
O1 - Hosts: </div>
O1 - Hosts: <div class="adtable">
O1 - Hosts: <div class="adttl" title="$50 setup fee waived. A reliable ecommerce plan, 24x7 support."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=/27190/*https://smallbusiness.yahoo.com/stores" target="_blank">Ecommerce from Yahoo!<br> 1 Month Free</a></div>
O1 - Hosts: <div class="addescr" title="$50 setup fee waived. A reliable ecommerce plan, 24x7 support.">$50 setup fee waived. A reliable ecommerce plan, 24x7 support.</div>
O1 - Hosts: <div class="adlink" title="$50 setup fee waived. A reliable ecommerce plan, 24x7 support."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=/27190/*https://smallbusiness.yahoo.com/stores" target="_blank">smallbusiness.yahoo.com</a></div>
O1 - Hosts: </div>
O1 - Hosts: <div class="ybadge">
O1 - Hosts: Get your own web site at <br><a target="_top" href="https://smallbusiness.yahoo.com/">Yahoo! GeoCities</a>
O1 - Hosts: <a href="https://smallbusiness.yahoo.com/hosting" target="_top"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/wh/gr/badge_hostedby_purp_2.gif" alt="Hosted by Yahoo! Web Hosting" align="middle" border="0" height="31" width="88"></a>
O1 - Hosts: </div>
O1 - Hosts: </div>
O1 - Hosts: </div>
O1 - Hosts: <div class=ftr>
O1 - Hosts: <hr size=1 width=100%>
O1 - Hosts: Copyright ©
O1 - Hosts: 2005 Yahoo! Inc. All rights reserved<br>
O1 - Hosts: <a href="https://www.verizonmedia.com/policies/">Privacy Policy</a>
O1 - Hosts: - <a href="https://fr.yahoo.com/?p=us">Copyright Policy</a>
O1 - Hosts: - <a href="https://fr.yahoo.com/?p=us">Guidelines</a>
O1 - Hosts: - <a href="https://fr.yahoo.com/?p=us">Terms of Service</a>
O1 - Hosts: - <a href="https://help.yahoo.com/kb/account">Help</a>
O1 - Hosts: </div>
O1 - Hosts: </div>
O1 - Hosts: </body>
O1 - Hosts: </html>
O1 - Hosts: <!-- text below generated by server. PLEASE REMOVE --></object></layer></div></span></style></noscript></table></script></applet>
O1 - Hosts: <IMG SRC="http://geo.yahoo.com/serv?s=19190039&t=1156336906&f=us-w75" ALT=1 WIDTH=1 HEIGHT=1>
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {2BF65D1E-1545-8519-8843-F497E829B303} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar3.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: &Translator Internet - {8E4AA109-7239-4B85-8196-7377A53DDEFF} - D:\PROGRA~1\Antadis\TRANSL~1\DELPHI~1.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] D:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IgfxTray] D:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] D:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [snpstd3] D:\WINDOWS\vsnpstd3.exe
O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [qservices] D:\WINDOWS\qservice.exe
O4 - HKCU\..\Run: [CashFiesta] C:\Downloads\Cashfiesta.exe
O4 - HKCU\..\Run: [settings tool] D:\DOCUME~1\Admin\APPLIC~1\KNOBSO~1\DefaultRdrLoud.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: Set As Messenger Live Display Picture - D:\Program Files\MSNShell\Bin\SetMSNDP.htm
O8 - Extra context menu item: Télécharger avec FlashGet - D:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - D:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: MSN Shell 4 - {0713E8D2-850A-101B-AFC0-4210102A8DA7} - D:\Program Files\MSNShell\Bin\MSNShell.exe
O9 - Extra 'Tools' menuitem: MSN Shell 4 - {0713E8D2-850A-101B-AFC0-4210102A8DA7} - D:\Program Files\MSNShell\Bin\MSNShell.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://tropddlabelle.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15026/CTPID.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O20 - Winlogon Notify: igfxcui - D:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: BlueSoleil Hid Service - Unknown owner - D:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Boonty Games - BOONTY - D:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: iPod Service - Apple Computer, Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: kavsvc - Kaspersky Lab - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - D:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
A voir également:

23 réponses

  • 1
  • 2
Réponse 1 / 23
lance_yien Messages postés 2754 Statut Contributeur 257
 
bonjour tropdlabell,

fais le pas à pas proposé ici: virus methode preliminaire de desinfection version fr
et colles, ici, les 3 rapports avec tes conclusions/ commentaires. ((Merci lyonnais92))

a++
0
Réponse 2 / 23
tropdlabell Messages postés 27 Statut Membre
 
merci bcp pour votr aide, voila le raport

ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 20:49:03 29/10/2006

+ Scan result:

C:\Downloads\CashBar.dll -> Adware.CashFiesta : No action taken.
C:\Downloads\Cashfiesta.exe -> Adware.CashFiesta : No action taken.
C:\Downloads\ProcMod.dll -> Adware.CashFiesta : No action taken.
HKU\S-1-5-21-73586283-308236825-725345543-1003\SOFTWARE\CashFiesta -> Adware.CashFiesta : No action taken.
HKU\S-1-5-21-73586283-308236825-725345543-1003\SOFTWARE\CashFiesta\Cashfiesta -> Adware.CashFiesta : No action taken.
HKU\S-1-5-21-73586283-308236825-725345543-1003\SOFTWARE\CashFiesta\Cashfiesta\Config -> Adware.CashFiesta : No action taken.
HKU\S-1-5-21-73586283-308236825-725345543-1003\SOFTWARE\CashFiesta\Cashfiesta\Install -> Adware.CashFiesta : No action taken.
HKU\S-1-5-21-73586283-308236825-725345543-1003\SOFTWARE\CashFiesta\Cashfiesta\Update -> Adware.CashFiesta : No action taken.
[816] C:\Downloads\Cashfiesta.exe -> Adware.CashFiesta : No action taken.
C:\Downloads\craagle_1.91.rar/craagle_1.91\craagle_1.91\Craagle.exe -> Adware.Craagle : No action taken.
D:\Documents and Settings\Admin\Local Settings\Temp\_AZTMP0_\craagle_1.91\craagle_1.91\Craagle.exe -> Adware.Craagle : No action taken.
D:\Program Files\Adverts\uninst.exe -> Adware.Lop : No action taken.
D:\Program Files\SoftwareDoctor -> Adware.SoftwareDoctor : No action taken.
D:\Program Files\SoftwareDoctor\ErrorDoctor -> Adware.SoftwareDoctor : No action taken.
D:\Program Files\SoftwareDoctor\ErrorDoctor\ErrorDoctor.exe -> Adware.SoftwareDoctor : No action taken.
D:\Program Files\SoftwareDoctor\ErrorDoctor\Registry Backups -> Adware.SoftwareDoctor : No action taken.
D:\Program Files\SoftwareDoctor\ErrorDoctor\Registry Backups\2006-10-20_01-23-22.reg -> Adware.SoftwareDoctor : No action taken.
D:\Program Files\SoftwareDoctor\ErrorDoctor\Skin.ini -> Adware.SoftwareDoctor : No action taken.
D:\Program Files\SoftwareDoctor\ErrorDoctor\icon.ico -> Adware.SoftwareDoctor : No action taken.
D:\Program Files\SoftwareDoctor\ErrorDoctor\ignore.lst -> Adware.SoftwareDoctor : No action taken.
D:\Program Files\SoftwareDoctor\ErrorDoctor\skin3.swf -> Adware.SoftwareDoctor : No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B74DE36A-B95C-49A1-8F41-A09F3D187747} -> Adware.SoftwareDoctor : No action taken.
HKLM\SOFTWARE\SoftwareDoctor -> Adware.SoftwareDoctor : No action taken.
HKLM\SOFTWARE\SoftwareDoctor\ErrorDoctor -> Adware.SoftwareDoctor : No action taken.
HKLM\SOFTWARE\SoftwareDoctor\ErrorDoctor\1.4 -> Adware.SoftwareDoctor : No action taken.
D:\RECYCLER\S-1-5-21-73586283-308236825-725345543-1003\Dd60.exe/mspass/mspass.exe -> Not-A-Virus.PSWTool.Win32.Messen.103 : No action taken.
C:\Downloads\mspass.zip/mspass.exe -> Not-A-Virus.PSWTool.Win32.Messen.106 : No action taken.
D:\Documents and Settings\Admin\Bureau\LOGICIELES\mspass.zip/mspass.exe -> Not-A-Virus.PSWTool.Win32.Messen.106 : No action taken.
D:\RECYCLER\S-1-5-21-73586283-308236825-725345543-1003\Dd45.zip/msntocgi11-1/CGI/list.cgi -> Notifier.IllNotifier.10 : No action taken.
:mozilla.12:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.247realmedia : No action taken.
:mozilla.13:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.247realmedia : No action taken.
:mozilla.14:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.247realmedia : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@247realmedia[1].txt -> TrackingCookie.247realmedia : No action taken.
D:\Documents and Settings\Invité\Cookies\invité@247realmedia[1].txt -> TrackingCookie.247realmedia : No action taken.
:mozilla.29:D:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\1fixs7ut.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.338:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.339:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.514:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.551:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.587:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@2o7[1].txt -> TrackingCookie.2o7 : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
D:\Documents and Settings\Invité\Cookies\invité@2o7[1].txt -> TrackingCookie.2o7 : No action taken.
:mozilla.149:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.150:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.151:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@adbrite[2].txt -> TrackingCookie.Adbrite : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@adrevolver[1].txt -> TrackingCookie.Adrevolver : No action taken.
:mozilla.181:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Adtech : No action taken.
:mozilla.182:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Adtech : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@adtech[2].txt -> TrackingCookie.Adtech : No action taken.
:mozilla.390:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.391:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.392:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.163:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Atdmt : No action taken.
:mozilla.31:D:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\1fixs7ut.default\cookies.txt -> TrackingCookie.Atdmt : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@atdmt[2].txt -> TrackingCookie.Atdmt : No action taken.
D:\Documents and Settings\Admin\Local Settings\Temp\Cookies\admin@atdmt[1].txt -> TrackingCookie.Atdmt : No action taken.
D:\Documents and Settings\Invité\Cookies\invité@atdmt[2].txt -> TrackingCookie.Atdmt : No action taken.
:mozilla.111:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Bluestreak : No action taken.
:mozilla.498:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Bluestreak : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@bluestreak[2].txt -> TrackingCookie.Bluestreak : No action taken.
D:\Documents and Settings\Invité\Cookies\invité@bluestreak[1].txt -> TrackingCookie.Bluestreak : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@burstnet[2].txt -> TrackingCookie.Burstnet : No action taken.
:mozilla.576:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.577:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@casalemedia[1].txt -> TrackingCookie.Casalemedia : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@casinodelrio[1].txt -> TrackingCookie.Casinodelrio : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@www.casinodelrio[1].txt -> TrackingCookie.Casinodelrio : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@casinopays[2].txt -> TrackingCookie.Casinopays : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@crbanner.casinopays[2].txt -> TrackingCookie.Casinopays : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@casinotropez[2].txt -> TrackingCookie.Casinotropez : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@www.casinotropez[1].txt -> TrackingCookie.Casinotropez : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@banner.clubdicecasino[2].txt -> TrackingCookie.Clubdicecasino : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@clubdicecasino[1].txt -> TrackingCookie.Clubdicecasino : No action taken.
:mozilla.308:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Com : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@com[1].txt -> TrackingCookie.Com : No action taken.
:mozilla.211:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Comclick : No action taken.
:mozilla.212:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Comclick : No action taken.
:mozilla.213:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Comclick : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : No action taken.
:mozilla.19:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Doubleclick : No action taken.
:mozilla.21:D:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\1fixs7ut.default\cookies.txt -> TrackingCookie.Doubleclick : No action taken.
D:\Documents and Settings\Invité\Cookies\invité@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.
:mozilla.679:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Enhance : No action taken.
:mozilla.15:D:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\1fixs7ut.default\cookies.txt -> TrackingCookie.Estat : No action taken.
:mozilla.197:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Estat : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@estat[1].txt -> TrackingCookie.Estat : No action taken.
:mozilla.693:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Euroclick : No action taken.
:mozilla.102:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.103:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.104:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.105:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.219:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.220:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.221:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.222:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.782:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@as-eu.falkag[2].txt -> TrackingCookie.Falkag : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@as1.falkag[2].txt -> TrackingCookie.Falkag : No action taken.
:mozilla.341:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.342:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@fastclick[1].txt -> TrackingCookie.Fastclick : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@media.fastclick[1].txt -> TrackingCookie.Fastclick : No action taken.
D:\Documents and Settings\Invité\Cookies\invité@fastclick[2].txt -> TrackingCookie.Fastclick : No action taken.
D:\Documents and Settings\Invité\Cookies\invité@media.fastclick[1].txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.703:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Goclick : No action taken.
:mozilla.704:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Goclick : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@banner.goldenpalace[2].txt -> TrackingCookie.Goldenpalace : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@goldenpalace[1].txt -> TrackingCookie.Goldenpalace : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@www.goldenpalace[1].txt -> TrackingCookie.Goldenpalace : No action taken.
:mozilla.276:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.328:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.475:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.503:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.509:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@banner.grandonline[2].txt -> TrackingCookie.Grandonline : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@grandonline[1].txt -> TrackingCookie.Grandonline : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@www.grandonline[1].txt -> TrackingCookie.Grandonline : No action taken.
:mozilla.583:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.584:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.699:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.700:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.701:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.702:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.539:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Hitslink : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@ivwbox[2].txt -> TrackingCookie.Ivwbox : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@linkbuddies[1].txt -> TrackingCookie.Linkbuddies : No action taken.
:mozilla.756:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.757:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Liveperson : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@server.iad.liveperson[2].txt -> TrackingCookie.Liveperson : No action taken.
D:\Documents and Settings\Invité\Cookies\invité@lop[2].txt -> TrackingCookie.Lop : No action taken.
:mozilla.223:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Mediaplex : No action taken.
:mozilla.27:D:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\1fixs7ut.default\cookies.txt -> TrackingCookie.Mediaplex : No action taken.
D:\Documents and Settings\Invité\Cookies\invité@mediaplex[1].txt -> TrackingCookie.Mediaplex : No action taken.
:mozilla.198:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Overture : No action taken.
:mozilla.199:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Overture : No action taken.
:mozilla.200:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Overture : No action taken.
:mozilla.697:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Overture : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@data2.perf.overture[1].txt -> TrackingCookie.Overture : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@data3.perf.overture[1].txt -> TrackingCookie.Overture : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@overture[2].txt -> TrackingCookie.Overture : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@perf.overture[1].txt -> TrackingCookie.Overture : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@ads.planetactive[1].txt -> TrackingCookie.Planetactive : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@ads.pointroll[2].txt -> TrackingCookie.Pointroll : No action taken.
D:\Documents and Settings\Admin\Local Settings\Temp\Cookies\admin@ads.pointroll[1].txt -> TrackingCookie.Pointroll : No action taken.
D:\Documents and Settings\Invité\Cookies\invité@ads.pointroll[1].txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.412:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.413:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.414:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.415:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.416:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.417:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.418:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.419:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : No action taken.
:mozilla.486:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Revenue : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@revenue[2].txt -> TrackingCookie.Revenue : No action taken.
D:\Documents and Settings\Invité\Cookies\invité@revenue[2].txt -> TrackingCookie.Revenue : No action taken.
:mozilla.204:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.205:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.206:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.207:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.208:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.209:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@serving-sys[1].txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.408:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.409:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.463:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.464:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.624:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.16:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Smartadserver : No action taken.
:mozilla.17:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Smartadserver : No action taken.
:mozilla.18:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Smartadserver : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : No action taken.
D:\Documents and Settings\Invité\Cookies\invité@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : No action taken.
:mozilla.585:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.586:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Specificclick : No action taken.
:mozilla.532:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Spinbox : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@spinbox[1].txt -> TrackingCookie.Spinbox : No action taken.
:mozilla.724:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Starware : No action taken.
:mozilla.725:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Starware : No action taken.
:mozilla.726:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Starware : No action taken.
:mozilla.64:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.65:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.66:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.67:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@statcounter[2].txt -> TrackingCookie.Statcounter : No action taken.
D:\Documents and Settings\Invité\Cookies\invité@statcounter[1].txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.10:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
:mozilla.11:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
:mozilla.9:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : No action taken.
D:\Documents and Settings\Invité\Cookies\invité@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : No action taken.
:mozilla.794:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.745:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Valueclick : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@vegasred[2].txt -> TrackingCookie.Vegasred : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@www.vegasred[2].txt -> TrackingCookie.Vegasred : No action taken.
:mozilla.36:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Weborama : No action taken.
:mozilla.37:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Weborama : No action taken.
:mozilla.38:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Weborama : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@weborama[1].txt -> TrackingCookie.Weborama : No action taken.
D:\Documents and Settings\Invité\Cookies\invité@weborama[2].txt -> TrackingCookie.Weborama : No action taken.
:mozilla.73:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Yadro : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@yadro[2].txt -> TrackingCookie.Yadro : No action taken.
:mozilla.22:D:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\1fixs7ut.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.23:D:\Documents and Settings\Invité\Application Data\Mozilla\Firefox\Profiles\1fixs7ut.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.297:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.298:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : No action taken.
D:\Documents and Settings\Invité\Cookies\invité@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.788:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
:mozilla.789:D:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\pej6nkqx.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
D:\Documents and Settings\Admin\Cookies\admin@zedo[2].txt -> TrackingCookie.Zedo : No action taken.
C:\Downloads\tst_swift.rar/tst_swift\tst_swift\tst_swift.exe -> Trojan.Small : No action taken.

::Report end
0
Réponse 3 / 23
green day Messages postés 26722 Statut Modérateur, Contributeur sécurité 2 163
 
Salut à vous

tu es bien infecté !!!

le scan avec ewido sera à refaire : No action taken.

regle le sur "deleted" pour qui te vire tout ce qu'il te trouvera !

++
0
Réponse 4 / 23
tropdlabell Messages postés 27 Statut Membre
 
merci bcp, mais j'ai toujour le meme problem ca m'enerve
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 23
green day Messages postés 26722 Statut Modérateur, Contributeur sécurité 2 163
 
j'en suis persuadé !

fais le scan en ligne puis reposte un nouveau hijackthis stp

++
0
Réponse 6 / 23
tropdlabell Messages postés 27 Statut Membre
 
ogfile of HijackThis v1.99.1
Scan saved at 0:48:24, on 30/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\LEXBCES.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\LEXPPS.EXE
D:\WINDOWS\system32\igfxtray.exe
D:\WINDOWS\system32\hkcmd.exe
D:\WINDOWS\vsnpstd3.exe
D:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
d:\progra~1\intern~1\iexplore.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\explorer.exe
D:\PROGRA~1\MOZILL~1\FIREFOX.EXE
D:\Program Files\Micro Application\Labo Photo Créatif\draw3987.exe
D:\Program Files\MSN Messenger\msnmsgr.exe
D:\WINDOWS\system32\rsvp.exe
D:\WINDOWS\explorer.exe
D:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
O1 - Hosts: "http://www.w3.org/TR/html4/loose.dtd">
O1 - Hosts: <html>
O1 - Hosts: <head>
O1 - Hosts: <script LANGUAGE="JavaScript">
O1 - Hosts: <!--
O1 - Hosts: if (window != top)
O1 - Hosts: top.location.href = location.href;
O1 - Hosts: // -->
O1 - Hosts: </script>
O1 - Hosts: <title>Site Unavailable</title>
O1 - Hosts: <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
O1 - Hosts: <style type="text/css">
O1 - Hosts: body{text-align:center;}
O1 - Hosts: .geohead {font-family:Verdana, Arial, Helvetica, sans-serif; font-size:10px;width:750px;margin:10px 0 10px 0;height:35px;}
O1 - Hosts: .geohead #geologo {width:270px;display:block; float:left; }
O1 - Hosts: .geohead #rightside {width:480px;display:block; float:right;border-bottom:1px solid #999999; height:27px;}
O1 - Hosts: .geohead #rightside #welcome {width:50%;display:block; float:left; text-align:left;}
O1 - Hosts: .geohead #rightside #wlinks {width:50%;display:block; float:right; text-align:right;}
O1 - Hosts: .ftr { margin:0px; color:#404040; font:x-small Arial,sans-serif; text-align:center; width:750px;}
O1 - Hosts: .bodywrap{display:block;height:470px;}
O1 - Hosts: .bodycnt{width:510px; display:block; float:left; background-color:#EEE9F5; height:auto; text-align:left; font-family:Arial, Helvetica, sans-serif;font-size:13px; color:#000000; padding:20px 20px 35px 20px;}
O1 - Hosts: .title { font-family:Arial, Helvetica, sans-serif; font-weight:bold; font-size:24px; color:#7C56A9}
O1 - Hosts: .adcnt{width:172px; display:block; float:right; text-align:left;cursor:pointer;cursor:hand;}
O1 - Hosts: .adcnt td {text-align:left;}
O1 - Hosts: .adsubt{font-size:10px; font-family:verdana; font-weight:bold; color:#b4b4b4; cursor:default;margin-top:5px;}
O1 - Hosts: .ybadge { font-family: Verdana, Arial, Helvetica, sans-serif; font-size:10px; color: #666666; margin-top:10px;}
O1 - Hosts: .ybadge img {margin-top:6px;}
O1 - Hosts: .adtable {font-family:Verdana, Arial, Helvetica, sans-serif; font-size:10px;border: 1px solid #d6dbe7; background-color:#eff7ff; padding:3px; margin-bottom:10px; width:172px;}
O1 - Hosts: .adttl{font-weight:bold;margin-bottom:3px;}
O1 - Hosts: .addescr{color:#6b6b6b; margin-bottom:3px;}
O1 - Hosts: .adlink a {color:#008200; text-decoration:none;}
O1 - Hosts: </style>
O1 - Hosts: </head>
O1 - Hosts: <body>
O1 - Hosts: <!-- following code added by server. PLEASE REMOVE -->
O1 - Hosts: <!-- preceding code added by server. PLEASE REMOVE -->
O1 - Hosts: <div id="maincnt">
O1 - Hosts: <div class="geohead"><div id="geologo"><a href="https://smallbusiness.yahoo.com/"><img height=33 alt="Yahoo! GeoCities" src="http://us.i1.yimg.com/us.yimg.com/i/us/nt/ma/ma_geo_1.gif" width=259 border=0></a></div>
O1 - Hosts: <div id="rightside"><div id="wlinks"><a href="https://smallbusiness.yahoo.com/">GeoCities Home</a> - <a href="https://fr.yahoo.com/?p=us">Yahoo!</a> - <a href="https://help.yahoo.com/kb/account">Help</a></div>
O1 - Hosts: </div></div>
O1 - Hosts: <div class="bodywrap">
O1 - Hosts: <div class="bodycnt">
O1 - Hosts: <div class="title">Sorry, this GeoCities site is currently unavailable.</div>
O1 - Hosts: <p>The GeoCities web site you were trying to view has temporarily exceeded its data transfer limit. Please try again later. </p>
O1 - Hosts: <p>Are you the site owner?
O1 - Hosts: Avoid service interruptions in the future by increasing your data transfer limit!
O1 - Hosts: <a href="https://help.yahoo.com/kb/account" target="_blank">Find out how.</a> </p>
O1 - Hosts: <p><a href="https://help.yahoo.com/kb/account" target="_blank">Learn more about data transfer.</a></p>
O1 - Hosts: </div>
O1 - Hosts: <div class="adcnt">
O1 - Hosts: <a target="_top" href="https://smallbusiness.yahoo.com/"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/smbiz/b/geo_mast_small2.gif" alt="Yahoo! GeoCities" border="0" height="15" hspace="0" vspace="0" width="141"></a>
O1 - Hosts: <div class="adsubt">SPONSORED LINKS</div>
O1 - Hosts: <!--<table width="172" border="0" bgcolor="#FFFFFF" class="adtable"><tr><td align=left>-->
O1 - Hosts: <div class="adtable">
O1 - Hosts: <div class="adttl" title="Reliable plans include domain & 24x7 support."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=27166/*https://smallbusiness.yahoo.com/hosting" target="_blank">Yahoo! Web Hosting<br>
O1 - Hosts: $25 Setup Waived</a></div>
O1 - Hosts: <div class="addescr" title="Reliable plans include domain & 24x7 support.">Reliable plans include domain & 24x7 support.</div>
O1 - Hosts: <div class="adlink" title="Reliable plans include domain & 24x7 support."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=27166/*https://smallbusiness.yahoo.com/hosting" target="_blank">webhosting.yahoo.com</a></div>
O1 - Hosts: </div>
O1 - Hosts: <div class="adtable">
O1 - Hosts: <div class="adttl" title="Reliable plans include domain & 24x7 support."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=27176/*https://smallbusiness.yahoo.com/domains" target="_blank">Domain Names from Yahoo! only $9.95/yr</a></div>
O1 - Hosts: <div class="addescr" title="Includes starter web page, email & domain forwarding, 24x7 support.">Includes starter web page, email & domain forwarding, 24x7 support.</div>
O1 - Hosts: <div class="adlink" title="Includes starter web page, email & domain forwarding, 24x7 support."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=27176/*https://smallbusiness.yahoo.com/domains" target="_blank">domains.yahoo.com</a></div>
O1 - Hosts: </div>
O1 - Hosts: <div class="adtable">
O1 - Hosts: <div class="adttl" title="Setup fee waived. Up to 10 emails, SpamGuard, forwarding & virus scanning."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=27184/*https://smallbusiness.yahoo.com/mail" target="_blank">Yahoo! Business Email<br> Domain Included</a></div>
O1 - Hosts: <div class="addescr" title="Setup fee waived. Up to 10 emails, SpamGuard, forwarding & virus scanning.">Setup fee waived. Up to 10 emails, SpamGuard, forwarding & virus scanning.</div>
O1 - Hosts: <div class="adlink" title="Setup fee waived. Up to 10 emails, SpamGuard, forwarding & virus scanning."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=27184/*https://smallbusiness.yahoo.com/mail" target="_blank">smallbusiness.yahoo.com</a></div>
O1 - Hosts: </div>
O1 - Hosts: <div class="adtable">
O1 - Hosts: <div class="adttl" title="$50 setup fee waived. A reliable ecommerce plan, 24x7 support."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=/27190/*https://smallbusiness.yahoo.com/stores" target="_blank">Ecommerce from Yahoo!<br> 1 Month Free</a></div>
O1 - Hosts: <div class="addescr" title="$50 setup fee waived. A reliable ecommerce plan, 24x7 support.">$50 setup fee waived. A reliable ecommerce plan, 24x7 support.</div>
O1 - Hosts: <div class="adlink" title="$50 setup fee waived. A reliable ecommerce plan, 24x7 support."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=/27190/*https://smallbusiness.yahoo.com/stores" target="_blank">smallbusiness.yahoo.com</a></div>
O1 - Hosts: </div>
O1 - Hosts: <div class="ybadge">
O1 - Hosts: Get your own web site at <br><a target="_top" href="https://smallbusiness.yahoo.com/">Yahoo! GeoCities</a>
O1 - Hosts: <a href="https://smallbusiness.yahoo.com/hosting" target="_top"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/wh/gr/badge_hostedby_purp_2.gif" alt="Hosted by Yahoo! Web Hosting" align="middle" border="0" height="31" width="88"></a>
O1 - Hosts: </div>
O1 - Hosts: </div>
O1 - Hosts: </div>
O1 - Hosts: <div class=ftr>
O1 - Hosts: <hr size=1 width=100%>
O1 - Hosts: Copyright ©
O1 - Hosts: 2005 Yahoo! Inc. All rights reserved<br>
O1 - Hosts: <a href="https://www.verizonmedia.com/policies/">Privacy Policy</a>
O1 - Hosts: - <a href="https://fr.yahoo.com/?p=us">Copyright Policy</a>
O1 - Hosts: - <a href="https://fr.yahoo.com/?p=us">Guidelines</a>
O1 - Hosts: - <a href="https://fr.yahoo.com/?p=us">Terms of Service</a>
O1 - Hosts: - <a href="https://help.yahoo.com/kb/account">Help</a>
O1 - Hosts: </div>
O1 - Hosts: </div>
O1 - Hosts: </body>
O1 - Hosts: </html>
O1 - Hosts: <!-- text below generated by server. PLEASE REMOVE --></object></layer></div></span></style></noscript></table></script></applet>
O1 - Hosts: <IMG SRC="http://geo.yahoo.com/serv?s=19190039&t=1156336906&f=us-w75" ALT=1 WIDTH=1 HEIGHT=1>
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {2BF65D1E-1545-8519-8843-F497E829B303} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar3.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: &Translator Internet - {8E4AA109-7239-4B85-8196-7377A53DDEFF} - D:\PROGRA~1\Antadis\TRANSL~1\DELPHI~1.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] D:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IgfxTray] D:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] D:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [snpstd3] D:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [!ewido] "D:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [qservices] D:\WINDOWS\qservice.exe
O4 - HKCU\..\Run: [settings tool] D:\DOCUME~1\Admin\APPLIC~1\KNOBSO~1\DefaultRdrLoud.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: Set As Messenger Live Display Picture - D:\Program Files\MSNShell\Bin\SetMSNDP.htm
O8 - Extra context menu item: Télécharger avec FlashGet - D:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - D:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: MSN Shell 4 - {0713E8D2-850A-101B-AFC0-4210102A8DA7} - D:\Program Files\MSNShell\Bin\MSNShell.exe
O9 - Extra 'Tools' menuitem: MSN Shell 4 - {0713E8D2-850A-101B-AFC0-4210102A8DA7} - D:\Program Files\MSNShell\Bin\MSNShell.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://tropddlabelle.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15026/CTPID.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O20 - Winlogon Notify: igfxcui - D:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: BlueSoleil Hid Service - Unknown owner - D:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Boonty Games - BOONTY - D:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - D:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: iPod Service - Apple Computer, Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: kavsvc - Kaspersky Lab - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - D:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
0
Réponse 7 / 23
lance_yien Messages postés 2754 Statut Contributeur 257
 
bonjour tropdlabell,

merci green day pour le relais
0
Réponse 8 / 23
tropdlabell Messages postés 27 Statut Membre
 
merci bcp pour votre aide et voila le rapport
Logfile of HijackThis v1.99.1
Scan saved at 2:05:32, on 30/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\LEXBCES.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\LEXPPS.EXE
D:\WINDOWS\system32\igfxtray.exe
D:\WINDOWS\system32\hkcmd.exe
D:\WINDOWS\vsnpstd3.exe
D:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
d:\progra~1\intern~1\iexplore.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\explorer.exe
D:\PROGRA~1\MOZILL~1\FIREFOX.EXE
D:\Program Files\Micro Application\Labo Photo Créatif\draw3987.exe
D:\Program Files\MSN Messenger\msnmsgr.exe
D:\WINDOWS\system32\rsvp.exe
D:\Program Files\ewido anti-spyware 4.0\ewido.exe
D:\WINDOWS\system32\NOTEPAD.EXE
D:\Program Files\CCleaner\ccleaner.exe
D:\WINDOWS\explorer.exe
D:\WINDOWS\system32\NOTEPAD.EXE
D:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
O1 - Hosts: "http://www.w3.org/TR/html4/loose.dtd">
O1 - Hosts: <html>
O1 - Hosts: <head>
O1 - Hosts: <script LANGUAGE="JavaScript">
O1 - Hosts: <!--
O1 - Hosts: if (window != top)
O1 - Hosts: top.location.href = location.href;
O1 - Hosts: // -->
O1 - Hosts: </script>
O1 - Hosts: <title>Site Unavailable</title>
O1 - Hosts: <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
O1 - Hosts: <style type="text/css">
O1 - Hosts: body{text-align:center;}
O1 - Hosts: .geohead {font-family:Verdana, Arial, Helvetica, sans-serif; font-size:10px;width:750px;margin:10px 0 10px 0;height:35px;}
O1 - Hosts: .geohead #geologo {width:270px;display:block; float:left; }
O1 - Hosts: .geohead #rightside {width:480px;display:block; float:right;border-bottom:1px solid #999999; height:27px;}
O1 - Hosts: .geohead #rightside #welcome {width:50%;display:block; float:left; text-align:left;}
O1 - Hosts: .geohead #rightside #wlinks {width:50%;display:block; float:right; text-align:right;}
O1 - Hosts: .ftr { margin:0px; color:#404040; font:x-small Arial,sans-serif; text-align:center; width:750px;}
O1 - Hosts: .bodywrap{display:block;height:470px;}
O1 - Hosts: .bodycnt{width:510px; display:block; float:left; background-color:#EEE9F5; height:auto; text-align:left; font-family:Arial, Helvetica, sans-serif;font-size:13px; color:#000000; padding:20px 20px 35px 20px;}
O1 - Hosts: .title { font-family:Arial, Helvetica, sans-serif; font-weight:bold; font-size:24px; color:#7C56A9}
O1 - Hosts: .adcnt{width:172px; display:block; float:right; text-align:left;cursor:pointer;cursor:hand;}
O1 - Hosts: .adcnt td {text-align:left;}
O1 - Hosts: .adsubt{font-size:10px; font-family:verdana; font-weight:bold; color:#b4b4b4; cursor:default;margin-top:5px;}
O1 - Hosts: .ybadge { font-family: Verdana, Arial, Helvetica, sans-serif; font-size:10px; color: #666666; margin-top:10px;}
O1 - Hosts: .ybadge img {margin-top:6px;}
O1 - Hosts: .adtable {font-family:Verdana, Arial, Helvetica, sans-serif; font-size:10px;border: 1px solid #d6dbe7; background-color:#eff7ff; padding:3px; margin-bottom:10px; width:172px;}
O1 - Hosts: .adttl{font-weight:bold;margin-bottom:3px;}
O1 - Hosts: .addescr{color:#6b6b6b; margin-bottom:3px;}
O1 - Hosts: .adlink a {color:#008200; text-decoration:none;}
O1 - Hosts: </style>
O1 - Hosts: </head>
O1 - Hosts: <body>
O1 - Hosts: <!-- following code added by server. PLEASE REMOVE -->
O1 - Hosts: <!-- preceding code added by server. PLEASE REMOVE -->
O1 - Hosts: <div id="maincnt">
O1 - Hosts: <div class="geohead"><div id="geologo"><a href="https://smallbusiness.yahoo.com/"><img height=33 alt="Yahoo! GeoCities" src="http://us.i1.yimg.com/us.yimg.com/i/us/nt/ma/ma_geo_1.gif" width=259 border=0></a></div>
O1 - Hosts: <div id="rightside"><div id="wlinks"><a href="https://smallbusiness.yahoo.com/">GeoCities Home</a> - <a href="https://fr.yahoo.com/?p=us">Yahoo!</a> - <a href="https://help.yahoo.com/kb/account">Help</a></div>
O1 - Hosts: </div></div>
O1 - Hosts: <div class="bodywrap">
O1 - Hosts: <div class="bodycnt">
O1 - Hosts: <div class="title">Sorry, this GeoCities site is currently unavailable.</div>
O1 - Hosts: <p>The GeoCities web site you were trying to view has temporarily exceeded its data transfer limit. Please try again later. </p>
O1 - Hosts: <p>Are you the site owner?
O1 - Hosts: Avoid service interruptions in the future by increasing your data transfer limit!
O1 - Hosts: <a href="https://help.yahoo.com/kb/account" target="_blank">Find out how.</a> </p>
O1 - Hosts: <p><a href="https://help.yahoo.com/kb/account" target="_blank">Learn more about data transfer.</a></p>
O1 - Hosts: </div>
O1 - Hosts: <div class="adcnt">
O1 - Hosts: <a target="_top" href="https://smallbusiness.yahoo.com/"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/smbiz/b/geo_mast_small2.gif" alt="Yahoo! GeoCities" border="0" height="15" hspace="0" vspace="0" width="141"></a>
O1 - Hosts: <div class="adsubt">SPONSORED LINKS</div>
O1 - Hosts: <!--<table width="172" border="0" bgcolor="#FFFFFF" class="adtable"><tr><td align=left>-->
O1 - Hosts: <div class="adtable">
O1 - Hosts: <div class="adttl" title="Reliable plans include domain & 24x7 support."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=27166/*https://smallbusiness.yahoo.com/hosting" target="_blank">Yahoo! Web Hosting<br>
O1 - Hosts: $25 Setup Waived</a></div>
O1 - Hosts: <div class="addescr" title="Reliable plans include domain & 24x7 support.">Reliable plans include domain & 24x7 support.</div>
O1 - Hosts: <div class="adlink" title="Reliable plans include domain & 24x7 support."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=27166/*https://smallbusiness.yahoo.com/hosting" target="_blank">webhosting.yahoo.com</a></div>
O1 - Hosts: </div>
O1 - Hosts: <div class="adtable">
O1 - Hosts: <div class="adttl" title="Reliable plans include domain & 24x7 support."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=27176/*https://smallbusiness.yahoo.com/domains" target="_blank">Domain Names from Yahoo! only $9.95/yr</a></div>
O1 - Hosts: <div class="addescr" title="Includes starter web page, email & domain forwarding, 24x7 support.">Includes starter web page, email & domain forwarding, 24x7 support.</div>
O1 - Hosts: <div class="adlink" title="Includes starter web page, email & domain forwarding, 24x7 support."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=27176/*https://smallbusiness.yahoo.com/domains" target="_blank">domains.yahoo.com</a></div>
O1 - Hosts: </div>
O1 - Hosts: <div class="adtable">
O1 - Hosts: <div class="adttl" title="Setup fee waived. Up to 10 emails, SpamGuard, forwarding & virus scanning."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=27184/*https://smallbusiness.yahoo.com/mail" target="_blank">Yahoo! Business Email<br> Domain Included</a></div>
O1 - Hosts: <div class="addescr" title="Setup fee waived. Up to 10 emails, SpamGuard, forwarding & virus scanning.">Setup fee waived. Up to 10 emails, SpamGuard, forwarding & virus scanning.</div>
O1 - Hosts: <div class="adlink" title="Setup fee waived. Up to 10 emails, SpamGuard, forwarding & virus scanning."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=27184/*https://smallbusiness.yahoo.com/mail" target="_blank">smallbusiness.yahoo.com</a></div>
O1 - Hosts: </div>
O1 - Hosts: <div class="adtable">
O1 - Hosts: <div class="adttl" title="$50 setup fee waived. A reliable ecommerce plan, 24x7 support."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=/27190/*https://smallbusiness.yahoo.com/stores" target="_blank">Ecommerce from Yahoo!<br> 1 Month Free</a></div>
O1 - Hosts: <div class="addescr" title="$50 setup fee waived. A reliable ecommerce plan, 24x7 support.">$50 setup fee waived. A reliable ecommerce plan, 24x7 support.</div>
O1 - Hosts: <div class="adlink" title="$50 setup fee waived. A reliable ecommerce plan, 24x7 support."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=/27190/*https://smallbusiness.yahoo.com/stores" target="_blank">smallbusiness.yahoo.com</a></div>
O1 - Hosts: </div>
O1 - Hosts: <div class="ybadge">
O1 - Hosts: Get your own web site at <br><a target="_top" href="https://smallbusiness.yahoo.com/">Yahoo! GeoCities</a>
O1 - Hosts: <a href="https://smallbusiness.yahoo.com/hosting" target="_top"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/wh/gr/badge_hostedby_purp_2.gif" alt="Hosted by Yahoo! Web Hosting" align="middle" border="0" height="31" width="88"></a>
O1 - Hosts: </div>
O1 - Hosts: </div>
O1 - Hosts: </div>
O1 - Hosts: <div class=ftr>
O1 - Hosts: <hr size=1 width=100%>
O1 - Hosts: Copyright ©
O1 - Hosts: 2005 Yahoo! Inc. All rights reserved<br>
O1 - Hosts: <a href="https://www.verizonmedia.com/policies/">Privacy Policy</a>
O1 - Hosts: - <a href="https://fr.yahoo.com/?p=us">Copyright Policy</a>
O1 - Hosts: - <a href="https://fr.yahoo.com/?p=us">Guidelines</a>
O1 - Hosts: - <a href="https://fr.yahoo.com/?p=us">Terms of Service</a>
O1 - Hosts: - <a href="https://help.yahoo.com/kb/account">Help</a>
O1 - Hosts: </div>
O1 - Hosts: </div>
O1 - Hosts: </body>
O1 - Hosts: </html>
O1 - Hosts: <!-- text below generated by server. PLEASE REMOVE --></object></layer></div></span></style></noscript></table></script></applet>
O1 - Hosts: <IMG SRC="http://geo.yahoo.com/serv?s=19190039&t=1156336906&f=us-w75" ALT=1 WIDTH=1 HEIGHT=1>
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {2BF65D1E-1545-8519-8843-F497E829B303} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar3.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: &Translator Internet - {8E4AA109-7239-4B85-8196-7377A53DDEFF} - D:\PROGRA~1\Antadis\TRANSL~1\DELPHI~1.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar3.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] D:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IgfxTray] D:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] D:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [snpstd3] D:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [!ewido] "D:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [settings tool] D:\DOCUME~1\Admin\APPLIC~1\KNOBSO~1\DefaultRdrLoud.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: Set As Messenger Live Display Picture - D:\Program Files\MSNShell\Bin\SetMSNDP.htm
O8 - Extra context menu item: Télécharger avec FlashGet - D:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - D:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: MSN Shell 4 - {0713E8D2-850A-101B-AFC0-4210102A8DA7} - D:\Program Files\MSNShell\Bin\MSNShell.exe
O9 - Extra 'Tools' menuitem: MSN Shell 4 - {0713E8D2-850A-101B-AFC0-4210102A8DA7} - D:\Program Files\MSNShell\Bin\MSNShell.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://tropddlabelle.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15026/CTPID.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O20 - Winlogon Notify: igfxcui - D:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: BlueSoleil Hid Service - Unknown owner - D:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Boonty Games - BOONTY - D:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - D:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: iPod Service - Apple Computer, Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: kavsvc - Kaspersky Lab - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - D:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
0
Réponse 9 / 23
tropdlabell Messages postés 27 Statut Membre
 
merci bcp pour votre aide et voila le rapport
Logfile of HijackThis v1.99.1
Scan saved at 2:05:32, on 30/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\LEXBCES.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\LEXPPS.EXE
D:\WINDOWS\system32\igfxtray.exe
D:\WINDOWS\system32\hkcmd.exe
D:\WINDOWS\vsnpstd3.exe
D:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
d:\progra~1\intern~1\iexplore.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\explorer.exe
D:\PROGRA~1\MOZILL~1\FIREFOX.EXE
D:\Program Files\Micro Application\Labo Photo Créatif\draw3987.exe
D:\Program Files\MSN Messenger\msnmsgr.exe
D:\WINDOWS\system32\rsvp.exe
D:\Program Files\ewido anti-spyware 4.0\ewido.exe
D:\WINDOWS\system32\NOTEPAD.EXE
D:\Program Files\CCleaner\ccleaner.exe
D:\WINDOWS\explorer.exe
D:\WINDOWS\system32\NOTEPAD.EXE
D:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
O1 - Hosts: "http://www.w3.org/TR/html4/loose.dtd">
O1 - Hosts: <html>
O1 - Hosts: <head>
O1 - Hosts: <script LANGUAGE="JavaScript">
O1 - Hosts: <!--
O1 - Hosts: if (window != top)
O1 - Hosts: top.location.href = location.href;
O1 - Hosts: // -->
O1 - Hosts: </script>
O1 - Hosts: <title>Site Unavailable</title>
O1 - Hosts: <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
O1 - Hosts: <style type="text/css">
O1 - Hosts: body{text-align:center;}
O1 - Hosts: .geohead {font-family:Verdana, Arial, Helvetica, sans-serif; font-size:10px;width:750px;margin:10px 0 10px 0;height:35px;}
O1 - Hosts: .geohead #geologo {width:270px;display:block; float:left; }
O1 - Hosts: .geohead #rightside {width:480px;display:block; float:right;border-bottom:1px solid #999999; height:27px;}
O1 - Hosts: .geohead #rightside #welcome {width:50%;display:block; float:left; text-align:left;}
O1 - Hosts: .geohead #rightside #wlinks {width:50%;display:block; float:right; text-align:right;}
O1 - Hosts: .ftr { margin:0px; color:#404040; font:x-small Arial,sans-serif; text-align:center; width:750px;}
O1 - Hosts: .bodywrap{display:block;height:470px;}
O1 - Hosts: .bodycnt{width:510px; display:block; float:left; background-color:#EEE9F5; height:auto; text-align:left; font-family:Arial, Helvetica, sans-serif;font-size:13px; color:#000000; padding:20px 20px 35px 20px;}
O1 - Hosts: .title { font-family:Arial, Helvetica, sans-serif; font-weight:bold; font-size:24px; color:#7C56A9}
O1 - Hosts: .adcnt{width:172px; display:block; float:right; text-align:left;cursor:pointer;cursor:hand;}
O1 - Hosts: .adcnt td {text-align:left;}
O1 - Hosts: .adsubt{font-size:10px; font-family:verdana; font-weight:bold; color:#b4b4b4; cursor:default;margin-top:5px;}
O1 - Hosts: .ybadge { font-family: Verdana, Arial, Helvetica, sans-serif; font-size:10px; color: #666666; margin-top:10px;}
O1 - Hosts: .ybadge img {margin-top:6px;}
O1 - Hosts: .adtable {font-family:Verdana, Arial, Helvetica, sans-serif; font-size:10px;border: 1px solid #d6dbe7; background-color:#eff7ff; padding:3px; margin-bottom:10px; width:172px;}
O1 - Hosts: .adttl{font-weight:bold;margin-bottom:3px;}
O1 - Hosts: .addescr{color:#6b6b6b; margin-bottom:3px;}
O1 - Hosts: .adlink a {color:#008200; text-decoration:none;}
O1 - Hosts: </style>
O1 - Hosts: </head>
O1 - Hosts: <body>
O1 - Hosts: <!-- following code added by server. PLEASE REMOVE -->
O1 - Hosts: <!-- preceding code added by server. PLEASE REMOVE -->
O1 - Hosts: <div id="maincnt">
O1 - Hosts: <div class="geohead"><div id="geologo"><a href="https://smallbusiness.yahoo.com/"><img height=33 alt="Yahoo! GeoCities" src="http://us.i1.yimg.com/us.yimg.com/i/us/nt/ma/ma_geo_1.gif" width=259 border=0></a></div>
O1 - Hosts: <div id="rightside"><div id="wlinks"><a href="https://smallbusiness.yahoo.com/">GeoCities Home</a> - <a href="https://fr.yahoo.com/?p=us">Yahoo!</a> - <a href="https://help.yahoo.com/kb/account">Help</a></div>
O1 - Hosts: </div></div>
O1 - Hosts: <div class="bodywrap">
O1 - Hosts: <div class="bodycnt">
O1 - Hosts: <div class="title">Sorry, this GeoCities site is currently unavailable.</div>
O1 - Hosts: <p>The GeoCities web site you were trying to view has temporarily exceeded its data transfer limit. Please try again later. </p>
O1 - Hosts: <p>Are you the site owner?
O1 - Hosts: Avoid service interruptions in the future by increasing your data transfer limit!
O1 - Hosts: <a href="https://help.yahoo.com/kb/account" target="_blank">Find out how.</a> </p>
O1 - Hosts: <p><a href="https://help.yahoo.com/kb/account" target="_blank">Learn more about data transfer.</a></p>
O1 - Hosts: </div>
O1 - Hosts: <div class="adcnt">
O1 - Hosts: <a target="_top" href="https://smallbusiness.yahoo.com/"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/smbiz/b/geo_mast_small2.gif" alt="Yahoo! GeoCities" border="0" height="15" hspace="0" vspace="0" width="141"></a>
O1 - Hosts: <div class="adsubt">SPONSORED LINKS</div>
O1 - Hosts: <!--<table width="172" border="0" bgcolor="#FFFFFF" class="adtable"><tr><td align=left>-->
O1 - Hosts: <div class="adtable">
O1 - Hosts: <div class="adttl" title="Reliable plans include domain & 24x7 support."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=27166/*https://smallbusiness.yahoo.com/hosting" target="_blank">Yahoo! Web Hosting<br>
O1 - Hosts: $25 Setup Waived</a></div>
O1 - Hosts: <div class="addescr" title="Reliable plans include domain & 24x7 support.">Reliable plans include domain & 24x7 support.</div>
O1 - Hosts: <div class="adlink" title="Reliable plans include domain & 24x7 support."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=27166/*https://smallbusiness.yahoo.com/hosting" target="_blank">webhosting.yahoo.com</a></div>
O1 - Hosts: </div>
O1 - Hosts: <div class="adtable">
O1 - Hosts: <div class="adttl" title="Reliable plans include domain & 24x7 support."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=27176/*https://smallbusiness.yahoo.com/domains" target="_blank">Domain Names from Yahoo! only $9.95/yr</a></div>
O1 - Hosts: <div class="addescr" title="Includes starter web page, email & domain forwarding, 24x7 support.">Includes starter web page, email & domain forwarding, 24x7 support.</div>
O1 - Hosts: <div class="adlink" title="Includes starter web page, email & domain forwarding, 24x7 support."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=27176/*https://smallbusiness.yahoo.com/domains" target="_blank">domains.yahoo.com</a></div>
O1 - Hosts: </div>
O1 - Hosts: <div class="adtable">
O1 - Hosts: <div class="adttl" title="Setup fee waived. Up to 10 emails, SpamGuard, forwarding & virus scanning."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=27184/*https://smallbusiness.yahoo.com/mail" target="_blank">Yahoo! Business Email<br> Domain Included</a></div>
O1 - Hosts: <div class="addescr" title="Setup fee waived. Up to 10 emails, SpamGuard, forwarding & virus scanning.">Setup fee waived. Up to 10 emails, SpamGuard, forwarding & virus scanning.</div>
O1 - Hosts: <div class="adlink" title="Setup fee waived. Up to 10 emails, SpamGuard, forwarding & virus scanning."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=27184/*https://smallbusiness.yahoo.com/mail" target="_blank">smallbusiness.yahoo.com</a></div>
O1 - Hosts: </div>
O1 - Hosts: <div class="adtable">
O1 - Hosts: <div class="adttl" title="$50 setup fee waived. A reliable ecommerce plan, 24x7 support."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=/27190/*https://smallbusiness.yahoo.com/stores" target="_blank">Ecommerce from Yahoo!<br> 1 Month Free</a></div>
O1 - Hosts: <div class="addescr" title="$50 setup fee waived. A reliable ecommerce plan, 24x7 support.">$50 setup fee waived. A reliable ecommerce plan, 24x7 support.</div>
O1 - Hosts: <div class="adlink" title="$50 setup fee waived. A reliable ecommerce plan, 24x7 support."><a href="https://fr.yahoo.com/?p=us*http://us.rd.yahoo.com/evt=/27190/*https://smallbusiness.yahoo.com/stores" target="_blank">smallbusiness.yahoo.com</a></div>
O1 - Hosts: </div>
O1 - Hosts: <div class="ybadge">
O1 - Hosts: Get your own web site at <br><a target="_top" href="https://smallbusiness.yahoo.com/">Yahoo! GeoCities</a>
O1 - Hosts: <a href="https://smallbusiness.yahoo.com/hosting" target="_top"><img src="http://us.i1.yimg.com/us.yimg.com/i/us/wh/gr/badge_hostedby_purp_2.gif" alt="Hosted by Yahoo! Web Hosting" align="middle" border="0" height="31" width="88"></a>
O1 - Hosts: </div>
O1 - Hosts: </div>
O1 - Hosts: </div>
O1 - Hosts: <div class=ftr>
O1 - Hosts: <hr size=1 width=100%>
O1 - Hosts: Copyright ©
O1 - Hosts: 2005 Yahoo! Inc. All rights reserved<br>
O1 - Hosts: <a href="https://www.verizonmedia.com/policies/">Privacy Policy</a>
O1 - Hosts: - <a href="https://fr.yahoo.com/?p=us">Copyright Policy</a>
O1 - Hosts: - <a href="https://fr.yahoo.com/?p=us">Guidelines</a>
O1 - Hosts: - <a href="https://fr.yahoo.com/?p=us">Terms of Service</a>
O1 - Hosts: - <a href="https://help.yahoo.com/kb/account">Help</a>
O1 - Hosts: </div>
O1 - Hosts: </div>
O1 - Hosts: </body>
O1 - Hosts: </html>
O1 - Hosts: <!-- text below generated by server. PLEASE REMOVE --></object></layer></div></span></style></noscript></table></script></applet>
O1 - Hosts: <IMG SRC="http://geo.yahoo.com/serv?s=19190039&t=1156336906&f=us-w75" ALT=1 WIDTH=1 HEIGHT=1>
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {2BF65D1E-1545-8519-8843-F497E829B303} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar3.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: &Translator Internet - {8E4AA109-7239-4B85-8196-7377A53DDEFF} - D:\PROGRA~1\Antadis\TRANSL~1\DELPHI~1.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar3.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] D:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IgfxTray] D:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] D:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [snpstd3] D:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [!ewido] "D:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [settings tool] D:\DOCUME~1\Admin\APPLIC~1\KNOBSO~1\DefaultRdrLoud.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: Set As Messenger Live Display Picture - D:\Program Files\MSNShell\Bin\SetMSNDP.htm
O8 - Extra context menu item: Télécharger avec FlashGet - D:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - D:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: MSN Shell 4 - {0713E8D2-850A-101B-AFC0-4210102A8DA7} - D:\Program Files\MSNShell\Bin\MSNShell.exe
O9 - Extra 'Tools' menuitem: MSN Shell 4 - {0713E8D2-850A-101B-AFC0-4210102A8DA7} - D:\Program Files\MSNShell\Bin\MSNShell.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://tropddlabelle.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15026/CTPID.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O20 - Winlogon Notify: igfxcui - D:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: BlueSoleil Hid Service - Unknown owner - D:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Boonty Games - BOONTY - D:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - D:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: iPod Service - Apple Computer, Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: kavsvc - Kaspersky Lab - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - D:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
0
Réponse 10 / 23
lance_yien Messages postés 2754 Statut Contributeur 257
 
re,

Ouvre le fichier "C:\WINDOWS\system32\drivers\etc\hosts" avec le bloc note, effaces tout son contenu et colles à la place le texte suivant (en gras) :

# Copyright (c) 1993-1999 Microsoft Corp.
#
# Ceci est un exemple de fichier HOSTS utilisé par Microsoft TCP/IP
# pour Windows.
#
# Ce fichier contient les correspondances des adresses IP aux noms d'hôtes.
# Chaque entrée doit être sur une ligne propre. L'adresse IP doit être placée
# dans la première colonne, suivie par le nom d'hôte correspondant. L'adresse
# IP et le nom d'hôte doivent être séparés par au moins un espace.
#
# De plus, des commentaires (tels que celui-ci) peuvent être insérés sur des
# lignes propres ou après le nom d'ordinateur. Ils sont indiqué par le
# symbole '#'.
#
# Par exemple :
#
# 102.54.94.97 rhino.acme.com # serveur source
# 38.25.63.10 x.acme.com # hôte client x

127.0.0.1 localhost

((merci à fbc telecharger.01net.com))

fais "fichier" > "enregistrer", fermes tout et redémarres ton pc
refais un "hijackthis" et postes le nv rapport avec le résultat pour ton pb initial
0
Réponse 11 / 23
tropdlabell Messages postés 27 Statut Membre
 
merci mon ami et voila le rapport

Logfile of HijackThis v1.99.1
Scan saved at 1:04:48, on 1/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\LEXBCES.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\LEXPPS.EXE
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\igfxtray.exe
D:\WINDOWS\system32\hkcmd.exe
D:\WINDOWS\vsnpstd3.exe
D:\windows\system32\jvrbah.exe
D:\Program Files\MSN Messenger\msnmsgr.exe
d:\progra~1\intern~1\iexplore.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
D:\Program Files\ewido anti-spyware 4.0\guard.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Mozilla Firefox\firefox.exe
C:\Downloads\HijackThis.exe
D:\WINDOWS\system32\wuauclt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {2BF65D1E-1545-8519-8843-F497E829B303} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar3.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: &Translator Internet - {8E4AA109-7239-4B85-8196-7377A53DDEFF} - D:\PROGRA~1\Antadis\TRANSL~1\DELPHI~1.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar3.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] D:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IgfxTray] D:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] D:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [snpstd3] D:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [jvrbah] d:\windows\system32\jvrbah.exe jvrbah
O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [settings tool] D:\DOCUME~1\Admin\APPLIC~1\KNOBSO~1\DefaultRdrLoud.exe
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: Set As Messenger Live Display Picture - D:\Program Files\MSNShell\Bin\SetMSNDP.htm
O8 - Extra context menu item: Télécharger avec FlashGet - D:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - D:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: MSN Shell 4 - {0713E8D2-850A-101B-AFC0-4210102A8DA7} - D:\Program Files\MSNShell\Bin\MSNShell.exe
O9 - Extra 'Tools' menuitem: MSN Shell 4 - {0713E8D2-850A-101B-AFC0-4210102A8DA7} - D:\Program Files\MSNShell\Bin\MSNShell.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.exe
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://tropddlabelle.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15026/CTPID.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O20 - Winlogon Notify: igfxcui - D:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: BlueSoleil Hid Service - Unknown owner - D:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Boonty Games - BOONTY - D:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - D:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: iPod Service - Apple Computer, Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: kavsvc - Kaspersky Lab - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - D:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
0
Réponse 12 / 23
lance_yien Messages postés 2754 Statut Contributeur 257
 
bonjour tropdlabell,

lances hijackthis > "do a system scan only" > coches la case de la ligne suivante et cilc "fix checked":
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1

refermes et redémarres ton pc
0
Réponse 13 / 23
tropdlabell Messages postés 27 Statut Membre
 
j'ai lancé hijackthis="do a system scan only" = mais malheureusment je trouve pas O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1

en plus j'ai perdu le son de démarage/ arret windows
merci de m'avoir aider
0
Réponse 14 / 23
lance_yien Messages postés 2754 Statut Contributeur 257
 
re,

diable!
elle est pasée où?
0
tropdlabell Messages postés 27 Statut Membre
 
salut a tous !!!

pour commencer un grand merci a ceux qui m'ont aidé ... merci bcp vous etes gégnal)):: mon premier probleme est resolu (pc trés lent)
Mais j'ai un autre pb :(
voila, je n'ai plus de son interne sur mon pc (plus de son au demarrage de windows (XP), bip de fin, plus de son sur les sites web,etc...) Par contre quand je lis des dvd et autres mp3 tout marche sans Pb ,????
je ne sais pas ou aller chercher
svp aidez moi
0
Réponse 15 / 23
green day Messages postés 26722 Statut Modérateur, Contributeur sécurité 2 163
 
Salut à vous

si Lance me permet, il y a encore des ptits truc à vire ;-)

# Relance HijackThis : choisis " do a scan only" coche la case devant les lignes ci-dessous et clique en bas sur "fix checked" :

O2 - BHO: (no name) - {2BF65D1E-1545-8519-8843-F497E829B303} - (no file)

O4 - HKLM\..\Run: [jvrbah] d:\windows\system32\jvrbah.exe jvrbah
O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [settings tool] D:\DOCUME~1\Admin\APPLIC~1\KNOBSO~1\DefaultRdrLoud.exe
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe

O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://tropddlabelle.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15026/CTPID.cab

O23 - Service: Boonty Games - BOONTY - D:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe

==> Cliques sur :

demarrer < executer < tapes " services.msc"

cherches dans la liste cette ligne et regles la sur "desactivé"

Boonty Games - BOONTY

==> cherche et supprime le fichier en gras :

d:\windows\system32\jvrbah.exe

# ensuite télécharge et execute ceci :

* CleanUp40 (qui élimine les fichiers temporaires + cookies : gratuit )
http://pageperso.aol.fr/Balltrap34/CleanUp40.exe

tuto : (merci à Balltrap) http://pageperso.aol.fr/balltrap34/democleanup.htm

* Ccleaner : passe un coup !

==> cliques sur demarrer < executer et tapes : Prefetch
et supprime tout le contenu de ce dossier !

et enfin :

scanner ce fichier en gras :

D:\DOCUME~1\Admin\APPLIC~1\KNOBSO~1\DefaultRdrLoud.exe

avec ceci :

http://www.virustotal.com/en/virustotalx.html

clique sur "parcourir" va rechercher le fichier en question et ensuite cliques sur "send" et copie/colle moi le rapport STP.

@+

**En vérité, le chemin importe peu, la volonté d'arriver suffit à tout ( A.Camus ) **
0
Réponse 16 / 23
tropdlabell Messages postés 27 Statut Membre
 
malheureusement ca marche pas toujour
0
Réponse 17 / 23
green day Messages postés 26722 Statut Modérateur, Contributeur sécurité 2 163
 
Salut

ce que je t'ai demander de faire c'était pas pour le son ;-)

vas dans panneau de configuration<système<materiel<gestionnaire des périf et la tu regarde s'il n'y a pas de point "?" ou "!" jaune

si c'est le cas : fais un clic droit et mise à jour des pilotes

++
0
Réponse 18 / 23
tropdlabell Messages postés 27 Statut Membre
 
tou est bien il n'y a pas de point "?" ou "!" jaune
merci
0
Réponse 19 / 23
tropdlabell Messages postés 27 Statut Membre
 
tou est bien il n'y a pas de point "?" ou "!" jaune
merci
0
Réponse 20 / 23
green day Messages postés 26722 Statut Modérateur, Contributeur sécurité 2 163
 
re

ok, tu as verifié que tout es ok dans " controle du volume " ??

++
0
tropdlabell Messages postés 27 Statut Membre
 
SLT,
oui j'ai tou verifier tou est en ordre
0