Trojan peacomm
nono
Please help me!! I caught the peacomm trojan today... I'm posting the HijackThis report below; thanks in advance to anyone who can help me!! See you
Logfile of HijackThis v1.99.1
Scan saved at 19:17:53, on 22/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Wireless 802.11g Monitor\WLService.exe
C:\Program Files\Wireless 802.11g Monitor\WLanCfgG.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
C:\Apps\Powercinema\PCMService.exe
C:\apps\ABoard\ABoard.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\apps\ABoard\AOSD.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\svhost.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\adchkr.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe
C:\Program Files\OFFICE One6.5\program\soffice.exe
C:\PROGRA~1\NORTON~1\NORTON~1\navw32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NSMdtr.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
C:\Program Files\Messenger\msmsgs.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=6&key=SEARCH
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://portail.free.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [EPSON Stylus DX4800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE /P26 "EPSON Stylus DX4800 Series" /O6 "USB001" /M "Stylus DX4800"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [BOOT] C:\Program Files\ISSENDIS\ISSENDIS WebUpdate v6\issendiswebupdatev6.exe /BOOT
O4 - HKLM\..\Run: [Sponsor Trialtime] svhost.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Ads checker] adchkr.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: OFFICE One 6.5.lnk = C:\Program Files\OFFICE One6.5\program\quickstart.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: OFFICE One Clock v6.5.lnk = C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {09CC593B-E8A9-4491-927D-A3E33534DDD4} (InstallerObj Class) - http://www.1-click.com/common/files/installer2.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game03.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/...
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O16 - DPF: {FB90BA05-66E6-4C56-BCD3-D65B0F7EBA39} (Foto.com SpeedUploader 1.0 Control) - http://express.foto.com/SFUploader/SpeedUploader.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: ladchkr - Unknown owner - C:\WINDOWS\system32\ladchkr.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MysqlInventime - Unknown owner - C:\Apps\INVENT~1\mysql\bin\mysqld-nt.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: R54G Wireless Service - Unknown owner - C:\Program Files\Wireless 802.11g Monitor\WLService.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
Configuration: Windows XP Internet Explorer 7.0
8 replies
-
Good evening,
you are indeed infected; let's start with this:
* download AVG Anti-Spyware (ewido)
https://www.avg.com/en-ww/free-antivirus-download
* install it
* launch AVG Anti-Spyware and click the Update button. Wait
then
Launch AVG Anti-Spyware
Click the Scan button (in the toolbar)
Then on the "How to react" tab, click Recommended actions. Select Quarantine.
Go back to the Scan tab. Click Complete system scan.
At the end of the scan, choose option 3
"Apply all actions" at the bottom.
Click "Save report".
This generates a report as a text file, located in the Reports folder of the AVG Anti-Spyware folder.
Post it.
and then post a new HijackThis report afterwards
-
hi,
you are indeed infected.
To start
Relaunch HijackThis, choose "do a scan only" (or "scanner seulement" in the French version) and check these lines:
O4 - HKLM\..\Run: [Sponsor Trialtime] svhost.exe
O4 - HKLM\..\Run: [Ads checker] adchkr.exe
O23 - Service: ladchkr - Unknown owner - C:\WINDOWS\system32\ladchkr.exe
Ferme toutes les fenêtres actives autres que HijackThis!, navigateur inclus, puis clique « Fix checked » ou « fixer objet ». Ferme HijackThis!
==========================
Arrête ce service
ladchkr
pour ça fais cette manip :
Démarrer -> executer tape services.msc clic droit sur le service cité - > propriétés et dans "type de démarrage" et mets le sur « arrêté » et « désactivé ».
===========================
recherche et supprime ces fichiers :
svhost.exe <-- /!attention à l'orthographe!\
C:\WINDOWS\system32\ladchkr.exe
S'il resistent fais le en mode sans echec.
rappel :
* Redémarres le PC en mode sans échec : Au démarrage tu tapotes sur la touche F8 de ton clavier (ou F5 ) et tu choisis le [mode sans échec]
Vide ta poubelle, redémarre on PC.
==========================
ensuite :
Regarde bien et applique ce qui est indiqué en gras
==================================
Download and install this software:
* AVG AS
AVG Anti-Spyware
https://www.01net.com/telecharger/
Update it before running the scan.
Tutorial:
http://www.kachouri.com/tuto/tuto-161-avg-anti-spyware-75-pour-votre-securite.html
-> Restart AVG AS -> "Analyse" (Scan) -> "Paramètres" (Settings)
Under the question "Comment réagir ?" (How to react?):
-> click "Actions recommandées" (Recommended actions) and choose "Quarantaines" (Quarantine)
-> Click the "Analyse" tab again, then run an "Analyse complète du système" (Full system scan)
If a file is found infected at the end of the scan:
-> Click "Appliquer toutes les actions" (Apply all actions)
-> Click "Enregistrer le rapport" (Save report), then "Enregistrer le rapport sous" (Save report as).
-> Save this text file to your desktop, then paste the report here
And post a HijackThis log after it.
See you
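The checks this reply applies by hand to the HijackThis log, as an added example that is not part of the original post: a Python sketch that flags O4 autorun entries launched without a directory path or named like a near-miss of a Windows system process (svhost.exe vs svchost.exe), and O23 services with an unknown owner. The system-name list, the function names and the two "Example" lines in the sample log are assumptions constructed for illustration; the three flagged lines are the ones quoted in the post.

```python
import ntpath
import re

# Genuine Windows process names that malware often imitates
# (short list assumed for this example, not exhaustive).
SYSTEM_NAMES = ("svchost.exe", "lsass.exe", "csrss.exe", "winlogon.exe",
                "services.exe", "spoolsv.exe", "smss.exe", "explorer.exe")

# HijackThis line shapes for autorun (O4) and NT service (O23) entries.
O4_RE = re.compile(r"^O4 - (HK\w+)\\\.\.\\(\w+): \[([^\]]*)\] (.+)$")
O23_RE = re.compile(r"^O23 - Service: (.+?) - (.+?) - (.+)$")
# Executable part of a command line: a quoted path, or text up to the first ".exe".
EXE_RE = re.compile(r'"([^"]+)"|(.+?\.exe)\b', re.IGNORECASE)


def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def lookalike_of(exe_name):
    """Return the system process name this file name is one edit away from, or None."""
    name = exe_name.lower()
    for real in SYSTEM_NAMES:
        if name != real and edit_distance(name, real) <= 1:
            return real
    return None


def executable_of(command):
    """Extract the executable path from an autorun command line."""
    m = EXE_RE.match(command.strip())
    return (m.group(1) or m.group(2)) if m else command.split()[0]


def review(log_text):
    """Return (section, entry name, executable, reasons) for entries worth a manual look."""
    findings = []
    for line in log_text.splitlines():
        line = line.strip()
        reasons = []
        m = O4_RE.match(line)
        if m:
            section, label = "O4", m.group(3)
            exe = executable_of(m.group(4))
            # No directory: Windows resolves the name through its search path,
            # so the entry does not say which file actually runs.
            if not ntpath.dirname(exe):
                reasons.append("bare-filename")
        else:
            m = O23_RE.match(line)
            if not m:
                continue
            section, label, owner, exe = "O23", m.group(1), m.group(2), m.group(3)
            if owner.lower() == "unknown owner":
                reasons.append("unknown-owner")
        real = lookalike_of(ntpath.basename(exe))
        if real:
            reasons.append("lookalike:" + real)
        if reasons:
            findings.append((section, label, exe, tuple(reasons)))
    return findings


# Constructed sample: the two "Example" lines are invented benign entries,
# the other three are the lines quoted in the post above.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [ExampleTray] "C:\Program Files\Example\tray.exe" /min
O4 - HKLM\..\Run: [Sponsor Trialtime] svhost.exe
O4 - HKLM\..\Run: [Ads checker] adchkr.exe
O23 - Service: Example Updater - Example Corp - C:\Program Files\Example\updater.exe
O23 - Service: ladchkr - Unknown owner - C:\WINDOWS\system32\ladchkr.exe
"""

if __name__ == "__main__":
    for section, label, exe, reasons in review(SAMPLE_LOG):
        print(f"{section} [{label}] {exe}: {', '.join(reasons)}")
```

These are triage heuristics: a hit means the entry deserves a manual look, not that it is malicious.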
-
I followed the procedure; here is the AVG report
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 21:38:51 22/01/2007
+ Résultat de l'analyse:
C:\WINDOWS\Downloaded Program Files\installer2.dll -> Adware.ClickMedia : Nettoyé et sauvegardé (mise en quarantaine).
D:\Documents and Settings\Florian\Local Settings\Temp\wh_cc.exe/whAgent.inf -> Adware.WebHancer : Nettoyé et sauvegardé (mise en quarantaine).
C:\WINDOWS\system32\__delete_on_reboot__H_o_o_k_1_._D_l_l_ -> Logger.Agent.ln : Nettoyé et sauvegardé (mise en quarantaine).
D:\Documents and Settings\Florian\Bureau\Hook1.dll -> Logger.Agent.ln : Nettoyé et sauvegardé (mise en quarantaine).
D:\Documents and Settings\Florian\Mes documents\jeux\Hook1.dll -> Logger.Agent.ln : Nettoyé et sauvegardé (mise en quarantaine).
[1004] C:\WINDOWS\system32\Hook1.Dll -> Logger.Agent.ln : Nettoyé et sauvegardé (mise en quarantaine).
[1108] C:\WINDOWS\system32\Hook1.Dll -> Logger.Agent.ln : Nettoyé et sauvegardé (mise en quarantaine).
[1164] C:\WINDOWS\system32\Hook1.Dll -> Logger.Agent.ln : Nettoyé et sauvegardé (mise en quarantaine).
[1256] C:\WINDOWS\system32\Hook1.Dll -> Logger.Agent.ln : Nettoyé et sauvegardé (mise en quarantaine).
[1344] C:\WINDOWS\system32\Hook1.Dll -> Logger.Agent.ln : Nettoyé et sauvegardé (mise en quarantaine).
[1408] C:\WINDOWS\system32\Hook1.Dll -> Logger.Agent.ln : Nettoyé et sauvegardé (mise en quarantaine).
[1516] C:\WINDOWS\system32\Hook1.Dll -> Logger.Agent.ln : Nettoyé et sauvegardé (mise en quarantaine).
[2088] C:\WINDOWS\system32\Hook1.Dll -> Logger.Agent.ln : Nettoyé et sauvegardé (mise en quarantaine).
[2256] C:\WINDOWS\system32\Hook1.Dll -> Logger.Agent.ln : Nettoyé et sauvegardé (mise en quarantaine).
[2608] C:\WINDOWS\system32\Hook1.Dll -> Logger.Agent.ln : Nettoyé et sauvegardé (mise en quarantaine).
[2660] C:\WINDOWS\system32\Hook1.Dll -> Logger.Agent.ln : Nettoyé et sauvegardé (mise en quarantaine).
[2704] C:\WINDOWS\system32\Hook1.Dll -> Logger.Agent.ln : Nettoyé et sauvegardé (mise en quarantaine).
[2828] C:\WINDOWS\system32\Hook1.Dll -> Logger.Agent.ln : Nettoyé et sauvegardé (mise en quarantaine).
[2852] C:\WINDOWS\system32\Hook1.Dll -> Logger.Agent.ln : Nettoyé et sauvegardé (mise en quarantaine).
[3116] C:\WINDOWS\system32\Hook1.Dll -> Logger.Agent.ln : Nettoyé et sauvegardé (mise en quarantaine).
[3860] C:\WINDOWS\system32\Hook1.Dll -> Logger.Agent.ln : Nettoyé et sauvegardé (mise en quarantaine).
[3940] C:\WINDOWS\system32\Hook1.Dll -> Logger.Agent.ln : Nettoyé et sauvegardé (mise en quarantaine).
[3960] C:\WINDOWS\system32\Hook1.Dll -> Logger.Agent.ln : Nettoyé et sauvegardé (mise en quarantaine).
[3968] C:\WINDOWS\system32\Hook1.Dll -> Logger.Agent.ln : Nettoyé et sauvegardé (mise en quarantaine).
[940] C:\WINDOWS\system32\Hook1.Dll -> Logger.Agent.ln : Nettoyé et sauvegardé (mise en quarantaine).
D:\Documents and Settings\Johan\Cookies\johan@statse.webtrendslive[1].txt -> TrackingCookie.Webtrendslive : Nettoyé.
D:\Documents and Settings\Johan\Cookies\johan@yadro[2].txt -> TrackingCookie.Yadro : Nettoyé.
D:\Documents and Settings\Florian\Cookies\florian@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Nettoyé.
D:\Documents and Settings\Johan\Cookies\johan@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Nettoyé.
D:\Documents and Settings\Florian\Cookies\florian@zedo[1].txt -> TrackingCookie.Zedo : Nettoyé.
D:\Documents and Settings\Johan\Cookies\johan@zedo[2].txt -> TrackingCookie.Zedo : Nettoyé.
Fin du rapport -
Here is the HijackThis report now ... Please tell me whether things are better ... or whether nothing works any more!
Thanks
Logfile of HijackThis v1.99.1
Scan saved at 21:47:25, on 22/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Wireless 802.11g Monitor\WLService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\Wireless 802.11g Monitor\WLanCfgG.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
C:\Apps\Powercinema\PCMService.exe
C:\apps\ABoard\ABoard.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\apps\ABoard\AOSD.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\svhost.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe
C:\Program Files\OFFICE One6.5\program\soffice.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NSMdtr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Symantec\LiveUpdate\AUpdate.exe
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=6&key=SEARCH
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://portail.free.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [EPSON Stylus DX4800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE /P26 "EPSON Stylus DX4800 Series" /O6 "USB001" /M "Stylus DX4800"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [BOOT] C:\Program Files\ISSENDIS\ISSENDIS WebUpdate v6\issendiswebupdatev6.exe /BOOT
O4 - HKLM\..\Run: [Sponsor Trialtime] svhost.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Ads checker] adchkr.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: OFFICE One 6.5.lnk = C:\Program Files\OFFICE One6.5\program\quickstart.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: OFFICE One Clock v6.5.lnk = C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {09CC593B-E8A9-4491-927D-A3E33534DDD4} (InstallerObj Class) - http://www.1-click.com/common/files/installer2.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game03.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/...
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O16 - DPF: {FB90BA05-66E6-4C56-BCD3-D65B0F7EBA39} (Foto.com SpeedUploader 1.0 Control) - http://express.foto.com/SFUploader/SpeedUploader.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: ladchkr - Unknown owner - C:\WINDOWS\system32\ladchkr.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MysqlInventime - Unknown owner - C:\Apps\INVENT~1\mysql\bin\mysqld-nt.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: R54G Wireless Service - Unknown owner - C:\Program Files\Wireless 802.11g Monitor\WLService.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe -
Sorry Philae, I hadn't seen that you had posted ... :)
nono, did you do the steps I gave you in <2>?
Because the files and the service are still present in the HijackThis log.
If not, do them.
And then post a new HijackThis log afterwards.
See you.
-
Hi, I have the same problem and I posted my report without really knowing what it will be used for.......
-
HELLO SEB
Sorry, but I didn't see you either :)
I think this problem keeps coming up with Norton and Peacomm
there are several topics about it
I found this:
http://www.symantec.com/enterprise/security_response/weblog/2007/01/trojanpeacomm_building_a_peert.html -
Hi again
http://definitions.symantec.com/defs/20070122-021-i32.exe fixes the problem!
It would seem to be a false positive from Norton