[reports] lopxp, hijackthis, blbeta

Solved
vbouton (Posts: 32, Status: Member)
salwa5 (Posts: 7552, Status: Contributor)
Hello,
lopxp report:

Rapport fait à 13:59:45,29 le 03/02/2007

******************************************
## Répertoires Application Data

Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 320D-180E

Répertoire de C:\Documents and Settings\Default User\Application Data

07/03/2005 20:16 <REP> .
07/03/2005 20:16 <REP> ..
05/10/2005 00:17 <REP> Identities
07/03/2005 20:16 <REP> Microsoft
07/03/2005 20:16 62 desktop.ini
1 fichier(s) 62 octets
4 Rép(s) 13 566 803 968 octets libres
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 320D-180E

Répertoire de C:\Documents and Settings\Default User\Local Settings\Application Data

07/03/2005 20:16 <REP> .
07/03/2005 20:16 <REP> ..
07/03/2005 20:24 <REP> Microsoft
05/10/2005 00:17 3 223 790 IconCache.db
1 fichier(s) 3 223 790 octets
3 Rép(s) 13 566 803 968 octets libres
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 320D-180E

Répertoire de C:\Documents and Settings\All Users\Application Data

07/03/2005 20:16 <REP> .
07/03/2005 20:16 <REP> ..
22/09/2006 06:59 <REP> Adobe
15/12/2006 07:33 <REP> AntiVir PersonalEdition Classic
01/05/2006 21:08 <REP> Creative
07/03/2005 20:16 <REP> Microsoft
11/10/2006 22:25 <REP> Spybot - Search & Destroy
05/10/2005 01:07 <REP> Symantec
04/08/2006 22:11 <REP> Windows Genuine Advantage
27/01/2007 13:56 3 120 118300.34
15/12/2006 07:39 305 addr_file.html
07/03/2005 20:16 62 desktop.ini
19/10/2005 16:50 369 hpzinstall.log
4 fichier(s) 3 856 octets
9 Rép(s) 13 566 771 200 octets libres
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 320D-180E

Répertoire de C:\Documents and Settings\NetworkService\Application Data

07/03/2005 20:29 <REP> .
07/03/2005 20:29 <REP> ..
07/03/2005 20:29 <REP> Microsoft
05/10/2005 21:14 <REP> Symantec
0 fichier(s) 0 octets
4 Rép(s) 13 566 771 200 octets libres
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 320D-180E

Répertoire de C:\Documents and Settings\NetworkService\Local Settings\Application Data

07/03/2005 20:29 <REP> .
07/03/2005 20:29 <REP> ..
07/03/2005 20:29 <REP> Microsoft
0 fichier(s) 0 octets
3 Rép(s) 13 566 771 200 octets libres
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 320D-180E

Répertoire de C:\Documents and Settings\LocalService\Application Data

07/03/2005 20:29 <REP> .
07/03/2005 20:29 <REP> ..
07/03/2005 20:29 <REP> Microsoft
11/10/2006 22:27 <REP> Webroot
0 fichier(s) 0 octets
4 Rép(s) 13 566 771 200 octets libres
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 320D-180E

Répertoire de C:\Documents and Settings\LocalService\Local Settings\Application Data

07/03/2005 20:29 <REP> .
07/03/2005 20:29 <REP> ..
07/03/2005 20:29 <REP> Microsoft
0 fichier(s) 0 octets
3 Rép(s) 13 566 771 200 octets libres
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 320D-180E

Répertoire de C:\Documents and Settings\Véronique BOUTONNET\Application Data

05/10/2005 00:18 <REP> .
05/10/2005 00:18 <REP> ..
19/10/2005 16:49 <REP> Adobe
22/09/2006 07:11 <REP> AdobeAUM
19/10/2005 16:49 <REP> AdobeUM
22/09/2006 17:49 <REP> Ahead
20/12/2005 20:11 <REP> Creative
05/10/2005 01:17 <REP> Cyberlink
03/01/2007 00:00 <REP> dvdcss
25/10/2006 17:47 <REP> GenJ
26/10/2005 16:59 <REP> Help
19/10/2005 18:01 <REP> Hewlett-Packard
05/10/2005 00:18 <REP> Identities
11/10/2006 22:31 <REP> Lavasoft
24/09/2006 10:28 <REP> Leadertech
05/10/2005 21:13 <REP> Macromedia
24/01/2007 17:26 <REP> MessengerSkinner
05/10/2005 00:18 <REP> Microsoft
12/10/2006 18:42 <REP> Mozilla
14/01/2007 17:50 <REP> OpenOffice.org2
16/10/2006 20:20 <REP> Sun
05/10/2005 01:07 <REP> Symantec
22/10/2006 17:10 <REP> Talkback
04/10/2005 18:53 <REP> Template
22/10/2006 17:09 <REP> Thunderbird
23/10/2006 19:57 <REP> U3
13/12/2005 16:57 <REP> vlc
29/11/2006 21:25 <REP> Vso
11/10/2006 22:26 <REP> Webroot
05/10/2005 00:18 62 desktop.ini
29/11/2006 21:25 81 920 ezpinst.exe
29/11/2006 21:25 7 176 pcouffin.cat
29/11/2006 21:25 1 144 pcouffin.inf
29/11/2006 21:25 34 pcouffin.log
29/11/2006 21:25 47 360 pcouffin.sys
04/10/2005 18:49 12 068 wklnhst.dat
7 fichier(s) 149 764 octets
29 Rép(s) 13 566 771 200 octets libres
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 320D-180E

Répertoire de C:\Documents and Settings\Véronique BOUTONNET\Local Settings\Application Data

05/10/2005 00:18 <REP> .
05/10/2005 00:18 <REP> ..
19/10/2005 16:49 <REP> Adobe
22/09/2006 17:53 <REP> Ahead
13/11/2006 13:51 <REP> Google
26/10/2005 16:59 <REP> Help
04/10/2005 20:13 <REP> Identities
05/10/2005 00:18 <REP> Microsoft
12/10/2006 18:43 <REP> Mozilla
05/10/2005 01:20 <REP> Powercinema
19/11/2006 14:10 <REP> Sun
26/10/2005 11:38 <REP> Symantec
22/10/2006 17:09 <REP> Thunderbird
22/12/2005 11:11 86 528 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
04/10/2005 18:49 54 496 GDIPFONTCACHEV1.DAT
05/10/2005 00:18 5 340 374 IconCache.db
3 fichier(s) 5 481 398 octets
13 Rép(s) 13 566 771 200 octets libres
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 320D-180E

Répertoire de C:\WINDOWS\system32\config\systemprofile\Application Data

07/03/2005 20:28 <REP> .
07/03/2005 20:28 <REP> ..
05/10/2005 00:17 <REP> Identities
07/03/2005 20:28 <REP> Microsoft
07/03/2005 20:28 62 desktop.ini
1 fichier(s) 62 octets
4 Rép(s) 13 566 771 200 octets libres
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 320D-180E

Répertoire de C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data

07/03/2005 20:28 <REP> .
07/03/2005 20:28 <REP> ..
07/03/2005 20:28 <REP> Microsoft
05/10/2005 00:17 3 223 790 IconCache.db
1 fichier(s) 3 223 790 octets
3 Rép(s) 13 566 771 200 octets libres

******************************************
Recherche des taches planifiées dans C:\WINDOWS\tasks

Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 320D-180E

Répertoire de C:\WINDOWS\Tasks

07/03/2005 20:29 6 SA.DAT
07/03/2005 20:23 <REP> ..
07/03/2005 20:23 <REP> .
01/01/1980 00:00 65 desktop.ini
2 fichier(s) 71 octets
2 Rép(s) 13 566 771 200 octets libres

******************************************
## Répertoires de Program files

Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 320D-180E

Répertoire de C:\Program Files

07/03/2005 20:17 <REP> .
07/03/2005 20:17 <REP> ..
05/10/2005 00:22 <REP> acer
07/03/2005 20:44 <REP> Acer Inc
07/03/2005 20:45 <REP> Adobe
15/11/2006 21:37 <REP> adslTV
27/01/2007 16:14 <REP> Alwil Software
15/12/2006 07:33 <REP> AntiVir PersonalEdition Classic
07/03/2005 20:46 <REP> Arcade
13/12/2006 07:53 <REP> a-squared Free
07/03/2005 20:36 <REP> AvRack
19/09/2006 20:44 <REP> Barre GeneaNet
05/10/2005 21:08 <REP> BeWAN ADSL V1.9.0.3
20/12/2005 18:55 <REP> Creative
28/08/2006 13:10 <REP> Cyanide
07/03/2005 20:46 <REP> CyberLink
16/10/2006 18:39 <REP> directx
07/03/2005 20:17 <REP> Fichiers communs
29/11/2006 18:19 <REP> FileZilla
15/11/2006 21:17 <REP> Freeplayer
13/04/2006 10:00 <REP> GENEALOGIE
25/10/2006 17:46 <REP> GenealogyJ
28/10/2006 16:46 <REP> Gimp
29/10/2006 11:33 <REP> Grisbi
07/10/2005 19:16 <REP> Heredis 8
19/10/2005 16:51 <REP> Hewlett-Packard
27/04/2006 17:55 <REP> Intel
07/03/2005 20:22 <REP> Internet Explorer
16/10/2006 20:17 <REP> Java
05/10/2005 00:21 <REP> Launch Manager
16/10/2006 18:24 <REP> Logitech
07/03/2005 20:21 <REP> Messenger
24/01/2007 17:26 <REP> MessengerSkinner
07/03/2005 20:25 <REP> microsoft frontpage
05/10/2005 00:25 <REP> Microsoft Office
05/10/2005 00:25 <REP> Microsoft Works
07/03/2005 20:22 <REP> Movie Maker
12/10/2006 18:42 <REP> Mozilla Firefox
22/10/2006 17:09 <REP> Mozilla Thunderbird
07/03/2005 20:21 <REP> MSN
07/03/2005 20:21 <REP> MSN Gaming Zone
21/09/2006 19:51 <REP> MSN Messenger
17/11/2006 07:47 <REP> MSXML 4.0
22/09/2006 17:47 <REP> Nero
14/11/2006 17:29 <REP> NetDrive
07/03/2005 20:22 <REP> NetMeeting
07/03/2005 20:49 <REP> NewTech Infosystems
07/03/2005 20:21 <REP> Online Services
14/01/2007 17:26 <REP> OpenOffice.org 2.1
07/03/2005 20:22 <REP> Outlook Express
31/10/2006 19:48 <REP> PDFCreator
11/12/2006 17:29 <REP> Peer2phone
03/01/2006 09:44 <REP> Photos de Famille
13/11/2006 13:51 <REP> Picasa2
21/09/2006 14:36 <REP> PowerQuest
18/02/2006 15:01 <REP> Quintessential Player
13/11/2006 10:44 <REP> RamVille
07/03/2005 20:36 <REP> Realtek Sound Manager
07/03/2005 20:23 <REP> Services en ligne
05/10/2005 00:19 <REP> SiS VGA Utilities V3.65f
07/03/2005 20:42 <REP> sisagp
26/10/2005 11:38 <REP> Symantec
26/10/2005 11:38 <REP> Symantec_Client_Security
07/03/2005 20:34 <REP> Synaptics
27/04/2006 17:52 <REP> Take 2 Interactive Software Europe
03/01/2006 09:44 <REP> Tracker Software
13/01/2007 10:13 <REP> Transcript
13/12/2005 16:54 <REP> VideoLAN
15/07/2006 21:17 <REP> VirtualDJ
02/12/2006 18:48 <REP> vso
13/01/2007 08:27 <REP> Windows Media Connect 2
07/03/2005 20:21 <REP> Windows Media Player
07/03/2005 20:21 <REP> Windows NT
22/03/2006 17:30 <REP> WinRAR
17/11/2004 08:12 1 256 895 winrar_winrar_3.41_francais_9632.exe
07/03/2005 20:25 <REP> xerox
1 fichier(s) 1 256 895 octets
75 Rép(s) 13 566 771 200 octets libres

******************************************
## Popups autorisées

* Internet Explorer

! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow

* Mozilla Firefox (1 autorisé 2 interdit)

******************************************
## Registre

******************************************
## Zones de sécurité

* HKCU Domains (4)

* P3P History (5)

******************************************
## Recherche C:\WINDOWS\*.htm, "C:\WINDOWS\*.gif"

Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 320D-180E

Répertoire de C:\WINDOWS

Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 320D-180E

Répertoire de C:\WINDOWS

*************** Fin du rapport ****************

hijackthis report:

Rapport fait à 18:17:18,84 le 03/02/2007

******************************************
## Répertoires Application Data

Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 320D-180E

Répertoire de C:\Documents and Settings\Default User\Application Data

07/03/2005 20:16 <REP> .
07/03/2005 20:16 <REP> ..
05/10/2005 00:17 <REP> Identities
07/03/2005 20:16 <REP> Microsoft
07/03/2005 20:16 62 desktop.ini
1 fichier(s) 62 octets
4 Rép(s) 13 466 796 032 octets libres
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 320D-180E

Répertoire de C:\Documents and Settings\Default User\Local Settings\Application Data

07/03/2005 20:16 <REP> .
07/03/2005 20:16 <REP> ..
07/03/2005 20:24 <REP> Microsoft
05/10/2005 00:17 3 223 790 IconCache.db
1 fichier(s) 3 223 790 octets
3 Rép(s) 13 466 796 032 octets libres
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 320D-180E

Répertoire de C:\Documents and Settings\All Users\Application Data

07/03/2005 20:16 <REP> .
07/03/2005 20:16 <REP> ..
22/09/2006 06:59 <REP> Adobe
15/12/2006 07:33 <REP> AntiVir PersonalEdition Classic
01/05/2006 21:08 <REP> Creative
07/03/2005 20:16 <REP> Microsoft
11/10/2006 22:25 <REP> Spybot - Search & Destroy
05/10/2005 01:07 <REP> Symantec
04/08/2006 22:11 <REP> Windows Genuine Advantage
27/01/2007 13:56 3 120 118300.34
15/12/2006 07:39 305 addr_file.html
07/03/2005 20:16 62 desktop.ini
19/10/2005 16:50 369 hpzinstall.log
4 fichier(s) 3 856 octets
9 Rép(s) 13 466 796 032 octets libres
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 320D-180E

Répertoire de C:\Documents and Settings\NetworkService\Application Data

07/03/2005 20:29 <REP> .
07/03/2005 20:29 <REP> ..
07/03/2005 20:29 <REP> Microsoft
05/10/2005 21:14 <REP> Symantec
0 fichier(s) 0 octets
4 Rép(s) 13 466 796 032 octets libres
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 320D-180E

Répertoire de C:\Documents and Settings\NetworkService\Local Settings\Application Data

07/03/2005 20:29 <REP> .
07/03/2005 20:29 <REP> ..
07/03/2005 20:29 <REP> Microsoft
0 fichier(s) 0 octets
3 Rép(s) 13 466 796 032 octets libres
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 320D-180E

Répertoire de C:\Documents and Settings\LocalService\Application Data

07/03/2005 20:29 <REP> .
07/03/2005 20:29 <REP> ..
07/03/2005 20:29 <REP> Microsoft
11/10/2006 22:27 <REP> Webroot
0 fichier(s) 0 octets
4 Rép(s) 13 466 796 032 octets libres
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 320D-180E

Répertoire de C:\Documents and Settings\LocalService\Local Settings\Application Data

07/03/2005 20:29 <REP> .
07/03/2005 20:29 <REP> ..
07/03/2005 20:29 <REP> Microsoft
0 fichier(s) 0 octets
3 Rép(s) 13 466 796 032 octets libres
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 320D-180E

Répertoire de C:\Documents and Settings\Véronique BOUTONNET\Application Data

05/10/2005 00:18 <REP> .
05/10/2005 00:18 <REP> ..
19/10/2005 16:49 <REP> Adobe
22/09/2006 07:11 <REP> AdobeAUM
19/10/2005 16:49 <REP> AdobeUM
22/09/2006 17:49 <REP> Ahead
20/12/2005 20:11 <REP> Creative
05/10/2005 01:17 <REP> Cyberlink
03/01/2007 00:00 <REP> dvdcss
25/10/2006 17:47 <REP> GenJ
26/10/2005 16:59 <REP> Help
19/10/2005 18:01 <REP> Hewlett-Packard
05/10/2005 00:18 <REP> Identities
11/10/2006 22:31 <REP> Lavasoft
24/09/2006 10:28 <REP> Leadertech
05/10/2005 21:13 <REP> Macromedia
24/01/2007 17:26 <REP> MessengerSkinner
05/10/2005 00:18 <REP> Microsoft
12/10/2006 18:42 <REP> Mozilla
14/01/2007 17:50 <REP> OpenOffice.org2
16/10/2006 20:20 <REP> Sun
05/10/2005 01:07 <REP> Symantec
22/10/2006 17:10 <REP> Talkback
04/10/2005 18:53 <REP> Template
22/10/2006 17:09 <REP> Thunderbird
23/10/2006 19:57 <REP> U3
13/12/2005 16:57 <REP> vlc
29/11/2006 21:25 <REP> Vso
11/10/2006 22:26 <REP> Webroot
05/10/2005 00:18 62 desktop.ini
29/11/2006 21:25 81 920 ezpinst.exe
29/11/2006 21:25 7 176 pcouffin.cat
29/11/2006 21:25 1 144 pcouffin.inf
29/11/2006 21:25 34 pcouffin.log
29/11/2006 21:25 47 360 pcouffin.sys
04/10/2005 18:49 12 068 wklnhst.dat
7 fichier(s) 149 764 octets
29 Rép(s) 13 466 796 032 octets libres
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 320D-180E

Répertoire de C:\Documents and Settings\Véronique BOUTONNET\Local Settings\Application Data

05/10/2005 00:18 <REP> .
05/10/2005 00:18 <REP> ..
19/10/2005 16:49 <REP> Adobe
22/09/2006 17:53 <REP> Ahead
13/11/2006 13:51 <REP> Google
26/10/2005 16:59 <REP> Help
04/10/2005 20:13 <REP> Identities
05/10/2005 00:18 <REP> Microsoft
12/10/2006 18:43 <REP> Mozilla
05/10/2005 01:20 <REP> Powercinema
19/11/2006 14:10 <REP> Sun
26/10/2005 11:38 <REP> Symantec
22/10/2006 17:09 <REP> Thunderbird
22/12/2005 11:11 86 528 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
04/10/2005 18:49 54 496 GDIPFONTCACHEV1.DAT
05/10/2005 00:18 5 340 374 IconCache.db
3 fichier(s) 5 481 398 octets
13 Rép(s) 13 466 796 032 octets libres
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 320D-180E

Répertoire de C:\WINDOWS\system32\config\systemprofile\Application Data

07/03/2005 20:28 <REP> .
07/03/2005 20:28 <REP> ..
05/10/2005 00:17 <REP> Identities
07/03/2005 20:28 <REP> Microsoft
07/03/2005 20:28 62 desktop.ini
1 fichier(s) 62 octets
4 Rép(s) 13 466 796 032 octets libres
Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 320D-180E

Répertoire de C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data

07/03/2005 20:28 <REP> .
07/03/2005 20:28 <REP> ..
07/03/2005 20:28 <REP> Microsoft
05/10/2005 00:17 3 223 790 IconCache.db
1 fichier(s) 3 223 790 octets
3 Rép(s) 13 466 796 032 octets libres

******************************************
Recherche des taches planifiées dans C:\WINDOWS\tasks

Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 320D-180E

Répertoire de C:\WINDOWS\Tasks

07/03/2005 20:29 6 SA.DAT
07/03/2005 20:23 <REP> ..
07/03/2005 20:23 <REP> .
01/01/1980 00:00 65 desktop.ini
2 fichier(s) 71 octets
2 Rép(s) 13 466 796 032 octets libres

******************************************
## Répertoires de Program files

Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 320D-180E

Répertoire de C:\Program Files

07/03/2005 20:17 <REP> .
07/03/2005 20:17 <REP> ..
05/10/2005 00:22 <REP> acer
07/03/2005 20:44 <REP> Acer Inc
07/03/2005 20:45 <REP> Adobe
15/11/2006 21:37 <REP> adslTV
27/01/2007 16:14 <REP> Alwil Software
15/12/2006 07:33 <REP> AntiVir PersonalEdition Classic
07/03/2005 20:46 <REP> Arcade
13/12/2006 07:53 <REP> a-squared Free
07/03/2005 20:36 <REP> AvRack
19/09/2006 20:44 <REP> Barre GeneaNet
05/10/2005 21:08 <REP> BeWAN ADSL V1.9.0.3
20/12/2005 18:55 <REP> Creative
28/08/2006 13:10 <REP> Cyanide
07/03/2005 20:46 <REP> CyberLink
16/10/2006 18:39 <REP> directx
07/03/2005 20:17 <REP> Fichiers communs
29/11/2006 18:19 <REP> FileZilla
15/11/2006 21:17 <REP> Freeplayer
13/04/2006 10:00 <REP> GENEALOGIE
25/10/2006 17:46 <REP> GenealogyJ
28/10/2006 16:46 <REP> Gimp
29/10/2006 11:33 <REP> Grisbi
07/10/2005 19:16 <REP> Heredis 8
19/10/2005 16:51 <REP> Hewlett-Packard
27/04/2006 17:55 <REP> Intel
07/03/2005 20:22 <REP> Internet Explorer
16/10/2006 20:17 <REP> Java
05/10/2005 00:21 <REP> Launch Manager
16/10/2006 18:24 <REP> Logitech
07/03/2005 20:21 <REP> Messenger
24/01/2007 17:26 <REP> MessengerSkinner
07/03/2005 20:25 <REP> microsoft frontpage
05/10/2005 00:25 <REP> Microsoft Office
05/10/2005 00:25 <REP> Microsoft Works
07/03/2005 20:22 <REP> Movie Maker
12/10/2006 18:42 <REP> Mozilla Firefox
22/10/2006 17:09 <REP> Mozilla Thunderbird
07/03/2005 20:21 <REP> MSN
07/03/2005 20:21 <REP> MSN Gaming Zone
21/09/2006 19:51 <REP> MSN Messenger
17/11/2006 07:47 <REP> MSXML 4.0
22/09/2006 17:47 <REP> Nero
14/11/2006 17:29 <REP> NetDrive
07/03/2005 20:22 <REP> NetMeeting
07/03/2005 20:49 <REP> NewTech Infosystems
07/03/2005 20:21 <REP> Online Services
14/01/2007 17:26 <REP> OpenOffice.org 2.1
07/03/2005 20:22 <REP> Outlook Express
31/10/2006 19:48 <REP> PDFCreator
11/12/2006 17:29 <REP> Peer2phone
03/01/2006 09:44 <REP> Photos de Famille
13/11/2006 13:51 <REP> Picasa2
21/09/2006 14:36 <REP> PowerQuest
18/02/2006 15:01 <REP> Quintessential Player
13/11/2006 10:44 <REP> RamVille
07/03/2005 20:36 <REP> Realtek Sound Manager
07/03/2005 20:23 <REP> Services en ligne
05/10/2005 00:19 <REP> SiS VGA Utilities V3.65f
07/03/2005 20:42 <REP> sisagp
26/10/2005 11:38 <REP> Symantec
26/10/2005 11:38 <REP> Symantec_Client_Security
07/03/2005 20:34 <REP> Synaptics
27/04/2006 17:52 <REP> Take 2 Interactive Software Europe
03/01/2006 09:44 <REP> Tracker Software
13/01/2007 10:13 <REP> Transcript
13/12/2005 16:54 <REP> VideoLAN
15/07/2006 21:17 <REP> VirtualDJ
02/12/2006 18:48 <REP> vso
13/01/2007 08:27 <REP> Windows Media Connect 2
07/03/2005 20:21 <REP> Windows Media Player
07/03/2005 20:21 <REP> Windows NT
22/03/2006 17:30 <REP> WinRAR
17/11/2004 08:12 1 256 895 winrar_winrar_3.41_francais_9632.exe
07/03/2005 20:25 <REP> xerox
1 fichier(s) 1 256 895 octets
75 Rép(s) 13 466 796 032 octets libres

******************************************
## Popups autorisées

* Internet Explorer

! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow

* Mozilla Firefox (1 autorisé 2 interdit)

******************************************
## Registre

******************************************
## Zones de sécurité

* HKCU Domains (4)

* P3P History (5)

******************************************
## Recherche C:\WINDOWS\*.htm, "C:\WINDOWS\*.gif"

Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 320D-180E

Répertoire de C:\WINDOWS

Le volume dans le lecteur C s'appelle ACER
Le numéro de série du volume est 320D-180E

Répertoire de C:\WINDOWS

*************** Fin du rapport ****************

Logfile of HijackThis v1.99.1
Scan saved at 18:16:10, on 03/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\keyhook.exe
C:\Program Files\Arcade\PCMService.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Documents and Settings\Véronique BOUTONNET\Mes documents\download\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\Creative\Shared Files\Media Sniffer\MtdAcq.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.BIN
C:\Program Files\acer\eRecovery\Monitor.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\VÉRONI~1\LOCALS~1\Temp\Rar$EX00.360\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll (file missing)
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll (file missing)
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Arcade\PCMService.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [eRecoveryService] C:\Windows\System32\Check.exe
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [MtdAcq] C:\Program Files\Creative\Shared Files\Media Sniffer\MtdAcq.exe /s
O4 - HKCU\..\Run: [PDFSaver] C:\Program Files\Photos de Famille\PdfDrv\Install\PDFSaver.exe
O4 - HKCU\..\Run: [pdfSaver3] "C:\Program Files\Tracker Software\PDF-XChange 3\pdfSaver\pdfSaver3.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: OpenOffice.org 2.1.lnk = C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: (no name) - {6D53ADB7-6AD5-4A59-BFE4-7B57D2F4AA89} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bw+0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Documents and Settings\Véronique BOUTONNET\Mes documents\download\Webroot\Spy Sweeper\WRSSSDK.exe

blbeta report:



02/03/07 14:15:53 [Info]: BlackLight Engine 1.0.55 initialized
02/03/07 14:15:53 [Info]: OS: 5.1 build 2600 (Service Pack 2)
02/03/07 14:15:53 [Note]: 7019 4
02/03/07 14:15:53 [Note]: 7005 0
02/03/07 14:15:58 [Note]: 7006 0
02/03/07 14:15:58 [Note]: 7011 1652
02/03/07 14:15:58 [Note]: 7026 0
02/03/07 14:15:59 [Note]: 7026 0
02/03/07 14:15:59 [Note]: 7024 3
02/03/07 14:15:59 [Info]: Hidden process: C:\windows\system32\nddipodddr.exe
02/03/07 14:16:04 [Note]: FSRAW library version 1.7.1021
02/03/07 14:16:41 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\NDDIPO~1.EXE
02/03/07 14:16:42 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\NDDIPO~1.DAT
02/03/07 14:16:42 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\NDDIPO~2.DAT
02/03/07 14:16:42 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\NDDIPO~3.DAT
02/03/07 14:16:45 [Note]: 2000 1012
02/03/07 14:16:45 [Note]: 2000 1012
02/03/07 14:16:45 [Note]: 2000 1012
02/03/07 14:16:45 [Note]: 2000 1012
02/03/07 14:18:38 [Note]: 7007 0

11 replies

philae83 Posts 12854 Status Security contributor 206
 
continue here
messenger skinner problem

please, otherwise we can't keep track of things; I think that's your original topic.
Thanks
:)
0
vbouton
 
well, I'd be happy to, but since I had already replied in an earlier thread about messenger skinner and hadn't got an answer, that's why I created new topics.

thanks anyway
vbouton
0
philae83 Posts 12854 Status Security contributor 206
 
in those cases, you go back to the topic and bump it by writing something, or just an "UP"
but you must not create new topics for the same infection.
0
salwa5 Posts 7552 Status Contributor 1 670
 
good evening everyone :)

Download Brute Force Uninstaller (by Merijn) here:
http://www.merijn.org/files/bfu.zip
Create a new folder directly at the root of your hard drive, or wherever suits you, and name this folder BFU.
Unzip the downloaded file into this new folder (for example C:\BFU)

Next, download EGDACCESS.bfu (by Metallica):

Right-click here: http://metallica.geekstogo.com/EGDACCESS.bfu and choose "Save Target As..." to download EGDACCESS.bfu (by Metallica). Save it in the folder you created (C:\BFU). **Note:** if you use Internet Explorer, when saving, make sure the "Type:" field shows "All files". You should now have two files in the C:\BFU folder: EGDACCESS.bfu and BFU.exe (very important).

-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-

Launch "Brute Force Uninstaller" by double-clicking BFU.exe (in the C:\BFU folder)
- Click the small yellow folder, and click: EGDACCESS.bfu
- Tick the Show log after script ends box
- Click Execute so the fix can do its job :-)

Wait for the Complete script execution message to appear and click OK.
A report will be displayed in the program window; copy and paste it into Notepad, then save it; you will post it on the forum later.
Click Exit to close the BFU program.

-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-

Next, launch Blacklight by double-clicking blbeta.exe and accept the licence.
Click Scan to start the scan.
Once done, select each file found and click "RENAME"
Then confirm.
Answer yes to the warning messages and to the one asking whether you allow the PC to reboot.

-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-

After the PC reboots, the files:

c:\WINDOWS\SYSTEM32\nddipodddr_nav.dat
C:\windows\system32\nddipodddr.exe
c:\WINDOWS\SYSTEM32\gcbasnd_navps.dat
c:\WINDOWS\SYSTEM32\nddipodddr.dat

should be visible and can be deleted without any trouble.
Blacklight does not delete them, it simply renames them, and you will have to remove them yourself:
Go to C:\windows\system32\ and find and delete:

nddipodddr_nav.dat.ren
nddipoddd.exe.ren
nddipoddd_navps.dat.ren
nddipoddd.dat.ren

Once done, post a new hijackthis report + the BFU report you saved and a new blacklight report.

happy cleaning and good luck ;-)

see you +++
0
vbouton Posts 32 Status Member 1
 
Thanks for your reply, here are the reports you asked for:
hijackthis report after reboot:

Logfile of HijackThis v1.99.1
Scan saved at 10:39:31, on 04/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\keyhook.exe
C:\Program Files\Arcade\PCMService.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\Véronique BOUTONNET\Mes documents\download\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.BIN
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\acer\eRecovery\Monitor.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\VÉRONI~1\LOCALS~1\Temp\Rar$EX00.422\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - (no file)
O3 - Toolbar: (no name) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - (no file)
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Arcade\PCMService.exe"
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [eRecoveryService] C:\Windows\System32\Check.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [nddipodddr] c:\windows\system32\nddipodddr.exe nddipodddr
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: OpenOffice.org 2.1.lnk = C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: (no name) - {6D53ADB7-6AD5-4A59-BFE4-7B57D2F4AA89} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bw+0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {BC027AD1-54AE-4D95-B668-C401B0851AF1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Documents and Settings\Véronique BOUTONNET\Mes documents\download\Webroot\Spy Sweeper\WRSSSDK.exe

BFU report before reboot:

BFU v1.00.9
Windows XP SP2 (WinNT 5.01.2600 SP2)
Script started at 10:23:10, on 04/02/2007

Option Delete files to Recycle Bin: Yes
Failed: RegDelValue HKCU\software\microsoft\windows\currentversion\wintrust\trust providers\software publishing\trust database\0|ELECTRONIC GROUP (key not found)
Failed: DllUnregister C:\WINDOWS\system32\MSWBM32.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\MailSkinner\OESkinner.dll|1 (file not found)
Failed: FolderDelete C:\Program Files\dialpass (folder not found)
Failed: FolderDelete C:\Program Files\eghtmldialer (folder not found)
Failed: FolderDelete C:\Program Files\egroup (folder not found)
Failed: FolderDelete C:\Program Files\Instant Access (folder not found)
Failed: FolderDelete C:\Program Files\MailSkinner (folder not found)
Failed: FolderDelete C:\Program Files\InternetGameBox (folder not found)
Failed: FolderDelete C:\Program Files\GoRecord2 (folder not found)
Failed: FolderDelete C:\Program Files\GoAstro (folder not found)
Failed: FolderDelete C:\Program Files\SudoPlanet (folder not found)
Failed: FolderDelete C:\Program Files\WebMediaPlayer (folder not found)
Failed: DllUnregister C:\WINDOWS\mslagent\2_mslagent.dll|1 (file not found)
Failed: DllUnregister C:\WINDOWS\navmpc\2_navmpc.dll|1 (file not found)
Failed: FolderDelete C:\WINDOWS\mslagent (folder not found)
Failed: FolderDelete C:\WINDOWS\navmpc (folder not found)
Failed: FolderDelete C:\WINDOWS\msskinner (folder not found)
Failed: FolderDelete C:\WINDOWS\wintrim (folder not found)
Failed: FolderDelete C:\WINDOWS\wincomp (folder not found)
Failed: FolderDelete C:\WINDOWS\winmgts (folder not found)
Failed: FolderDelete C:\WINDOWS\simcss (folder not found)
Failed: FolderDelete C:\WINDOWS\mc (folder not found)
Failed: FileDelete C:\DOCUME~1\VÉRONI~1\LOCALS~1\Temp\~DF6B9C.tmp (operation failed)
Failed: FileDelete C:\DOCUME~1\VÉRONI~1\LOCALS~1\Temp\~DF9790.tmp (operation failed)
Failed: FileDelete C:\DOCUME~1\VÉRONI~1\LOCALS~1\Temp\~DF979A.tmp (operation failed)
Failed: FileDelete C:\DOCUME~1\VÉRONI~1\LOCALS~1\Temp\~DFA00C.tmp (operation failed)
Failed: FileDelete C:\DOCUME~1\VÉRONI~1\LOCALS~1\Temp\~DFA05F.tmp (operation failed)
Failed: FolderDelete C:\WINDOWS\Temp\_avast4_ (operation failed)
Failed: FileDelete C:\WINDOWS\Temp\Perflib_Perfdata_7d0.dat (operation failed)
Script completed.

blbeta.exe report afterwards:

02/04/07 10:42:45 [Info]: BlackLight Engine 1.0.55 initialized
02/04/07 10:42:45 [Info]: OS: 5.1 build 2600 (Service Pack 2)
02/04/07 10:42:45 [Note]: 7019 4
02/04/07 10:42:45 [Note]: 7005 0
02/04/07 10:42:48 [Note]: 7006 0
02/04/07 10:42:48 [Note]: 7011 1332
02/04/07 10:42:48 [Note]: 7026 0
02/04/07 10:42:48 [Note]: 7026 0
02/04/07 10:42:56 [Note]: FSRAW library version 1.7.1021
02/04/07 10:43:22 [Note]: 2000 1012
02/04/07 10:43:30 [Note]: 7007 0

thanks for your replies

vbouton
0

salwa5 Posts: 7552 Status: Contributor 1 670
 
Hello, start by uninstalling this useless program:

*Logitech Desktop Messenger

- Go to Control Panel >> Add/Remove Programs, and uninstall/remove this one:
Logitech Desktop Messenger

**Note: this program handles automatic updates of the "Logitech" programs. (it's their WebCam!)
In reality, it's a useless program that eats up resources and "opens a door" that could be exploited by hackers.
(thanks Qc001)

Updates for "Logitech" software are easily done from the programs themselves (manually: you click the thumbnail of your WebCam near the clock), so no worries on that front.

Next, open HijackThis, check these lines, then click Fix checked

O2 - BHO: (no name) - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - (no file)
O3 - Toolbar: (no name) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - (no file)

O4 - HKLM\..\Run: [nddipodddr] c:\windows\system32\nddipodddr.exe nddipodddr

O9 - Extra button: (no name) - {6D53ADB7-6AD5-4A59-BFE4-7B57D2F4AA89} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

Download and run

AVG anti spyware
https://www.01net.com/telecharger/

(don't forget to update it before starting the scan)

Restart AVG AS, then choose the "Analyse" (Scan) tab
Then the "Paramètres" (Settings) tab
Under the question "Comment réagir ?" (How to react?), click "Actions recommandées" (Recommended actions) and choose "Quarantaine" (Quarantine)
Click the "Analyse" tab again, then run an "Analyse complète du système" (Complete system scan)

/!\ If a file is infected at the end of the scan /!\
Click "Appliquer toutes les actions" (Apply all actions)

Click "Enregistrer le rapport" (Save report), then "Enregistrer le rapport sous" (Save report as)
Save this text file to your desktop, then paste the report here

Delete the unneeded files (temporary files, cookies, etc.) with this:

Ccleaner
https://www.malekal.com/tutoriel-ccleaner/

Then install a firewall to keep the viruses from coming back

Kerio (firewall)

https://www.clubic.com/telecharger-fiche11071-sunbelt-personal-firewall-ex-kerio.html

Tutorial

http://www.malekal.com/kerio_firewall.php

When you're done, post the AVG report + a HijackThis log :)

See you!
0
vbouton
 
thanks again for your help, even on a Sunday

here are the reports:

avg:

---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 14:28:36 04/02/2007

+ Résultat de l'analyse:

:mozilla.587:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies-1.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.588:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies-1.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.90:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.91:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.92:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.93:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.147:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies-1.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.148:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies-1.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.149:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies-1.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.703:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies-1.txt -> TrackingCookie.Casinotropez : Nettoyé.
:mozilla.786:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies-1.txt -> TrackingCookie.Clickzs : Nettoyé.
:mozilla.789:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies-1.txt -> TrackingCookie.Clickzs : Nettoyé.
:mozilla.120:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies-1.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.66:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.13:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies.txt -> TrackingCookie.Etracker : Nettoyé.
:mozilla.15:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies.txt -> TrackingCookie.Etracker : Nettoyé.
:mozilla.16:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies.txt -> TrackingCookie.Euroclick : Nettoyé.
:mozilla.17:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies.txt -> TrackingCookie.Euroclick : Nettoyé.
:mozilla.22:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies-1.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.23:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies-1.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.24:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies-1.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.25:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies-1.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.26:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies-1.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.152:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies-1.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.543:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies-1.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.615:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies-1.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.841:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies-1.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.891:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies-1.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.425:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies-1.txt -> TrackingCookie.Masterstats : Nettoyé.
:mozilla.245:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies-1.txt -> TrackingCookie.Realmedia : Nettoyé.
:mozilla.251:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies-1.txt -> TrackingCookie.Realmedia : Nettoyé.
:mozilla.252:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies-1.txt -> TrackingCookie.Realmedia : Nettoyé.
:mozilla.475:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.476:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.477:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.478:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.479:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.480:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.440:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies-1.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.444:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies-1.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.445:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies-1.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.446:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies-1.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.447:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies-1.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.448:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies-1.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.449:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies-1.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.450:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies-1.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.451:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies-1.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.452:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies-1.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.459:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies-1.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.468:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies-1.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.469:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies-1.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.10:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.185:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies-1.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.186:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies-1.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.188:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies-1.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.9:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Véronique BOUTONNET\Cookies\véronique_boutonnet@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Véronique BOUTONNET\Cookies\véronique_boutonnet@weborama[3].txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.242:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.243:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.81:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.82:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.83:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.84:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.85:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.86:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.87:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.88:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.89:C:\Documents and Settings\Véronique BOUTONNET\Application Data\Mozilla\Firefox\Profiles\32yhqehd.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.

Fin du rapport

hijack this:


vbouton
0
salwa5 Posts: 7552 Status: Contributor 1 670
 
Hello :) post one last HijackThis log to see if everything is OK

See you!
0
vbouton Posts: 32 Status: Member 1
 
Here is the latest HijackThis report:

Logfile of HijackThis v1.99.1
Scan saved at 07:23:23, on 05/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\keyhook.exe
C:\Documents and Settings\Véronique BOUTONNET\Mes documents\download\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\Arcade\PCMService.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\acer\eRecovery\Monitor.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\VÉRONI~1\LOCALS~1\Temp\Rar$EX00.984\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Arcade\PCMService.exe"
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [eRecoveryService] C:\Windows\System32\Check.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Documents and Settings\Véronique BOUTONNET\Mes documents\download\Webroot\Spy Sweeper\WRSSSDK.exe

Thanks again for your help

vbouton
0
salwa5 Posts 7552 Status Contributor 1 670
 
Hello, your report is clean; you are just missing a firewall.

So install Kerio to keep the viruses from coming back.

Kerio (firewall)

https://www.clubic.com/telecharger-fiche11071-sunbelt-personal-firewall-ex-kerio.html

Tutorial

http://www.malekal.com/kerio_firewall.php

To finish, some basic advice:

* Don't download just anything; avoid free programs such as smileys, etc.

* Always scan files downloaded from a peer-to-peer network (eMule, Kazaa, etc.) before running them

* Don't open attachments from an unknown sender, and always scan them before opening them

* Always scan files received via MSN or other means with your antivirus

* Don't click on suspicious links in MSN

* Run the antispyware tools regularly (Ad-Aware, Spybot, AVG, etc.); remember to update them before launching them, it's very important

* Regularly delete unneeded files (temporary files, cookies, etc.) using CCleaner https://www.malekal.com/tutoriel-ccleaner/

* Clean your registry with RegCleaner https://www.malekal.com/nettoyer-sa-base-de-registre-avec-windows-registry-cleaner/

* Use the Mozilla browser, it is safer http://www.mozilla-europe.org/fr/products/firefox/

-Now that your computer is clean, I advise you to create a restore point, so that in case of a problem (virus, crash, etc.) you can always go back
http://www.aidoforum.com/tutoriaux-371-creer-un-point-de-restauration-sous-windows.html

See you!

Happy surfing ;)
0
vbouton Posts 32 Status Member 1
 
A big thank you for all your advice.
I will follow the latest ones you gave me

Thank you, thank you, a thousand thanks

vbouton
0
salwa5 Posts 7552 Status Contributor 1 670
 
You're welcome :)

See you
0