[virus] HLLP-vova 10.1B ; voici mon hijack
Fermé
cedemagadak
Messages postés
17
Date d'inscription
mercredi 11 octobre 2006
Statut
Membre
Dernière intervention
6 mars 2008
-
5 juin 2007 à 03:58
ced - 6 juin 2007 à 01:01
ced - 6 juin 2007 à 01:01
A voir également:
- [virus] HLLP-vova 10.1B ; voici mon hijack
- Youtu.be virus - Accueil - Guide virus
- Svchost.exe virus - Guide
- Vova site - Forum Mail
- Operagxsetup virus ✓ - Forum Virus
- Virus mcafee - Accueil - Piratage
3 réponses
Utilisateur anonyme
5 juin 2007 à 04:35
5 juin 2007 à 04:35
Bonjour
Fais ceci :
¤ Pour afficher tous les dossiers et fichiers cachés :
Clic sur "démarrer", "panneau de configuration", "outils" ,"option des dossiers", "affichage"
Coche :
- afficher les fichiers et dossiers cachés
Décoche :
- masquer les fichiers protégés du système ...
- Clic sur "appliquer" puis "ok"
----------------------------------------------------------
Clic sur démarrer, rechercher, tous les fichiers et dossiers, cherche et supprime :
- AdobeR.exe
Clic sur démarrer, poste de travail, C, cherche et supprime ce fichier :
- autorun.inf
**Si un fichier/dossier persiste lors de la suppression fait ceci:
- Redémarre ton PC. Dès l'allumage de celui-ci tapote la touche F8 (ou F5 si F8 ne fonctionne pas), à l'écran qui va apparaître choisis "mode sans echec" attends un peu..
Puis va supprimer les fichiers/dossiers, vide ta corbeille et redémarre ton PC normalement.
Télécharge et installe AVG anti-spyware : mets le à jour
Tu fais un scan complet de ton système, dès qu'il a fini.
Si il te trouve des espions,supprime les. Enregistre le rapport et colle le ici stp
Téléchargeable et tutoriel sur cette page :
--> http://redir.fr/gsel
Si tu n'arrives pas à le mettre à jour prends ici les mises à jour
http://downloads.ewido.net/avgas-signatures-full-current.exe
Ca ne sera pas terminè.
Fais ceci :
¤ Pour afficher tous les dossiers et fichiers cachés :
Clic sur "démarrer", "panneau de configuration", "outils" ,"option des dossiers", "affichage"
Coche :
- afficher les fichiers et dossiers cachés
Décoche :
- masquer les fichiers protégés du système ...
- Clic sur "appliquer" puis "ok"
----------------------------------------------------------
Clic sur démarrer, rechercher, tous les fichiers et dossiers, cherche et supprime :
- AdobeR.exe
Clic sur démarrer, poste de travail, C, cherche et supprime ce fichier :
- autorun.inf
**Si un fichier/dossier persiste lors de la suppression fait ceci:
- Redémarre ton PC. Dès l'allumage de celui-ci tapote la touche F8 (ou F5 si F8 ne fonctionne pas), à l'écran qui va apparaître choisis "mode sans echec" attends un peu..
Puis va supprimer les fichiers/dossiers, vide ta corbeille et redémarre ton PC normalement.
Télécharge et installe AVG anti-spyware : mets le à jour
Tu fais un scan complet de ton système, dès qu'il a fini.
Si il te trouve des espions,supprime les. Enregistre le rapport et colle le ici stp
Téléchargeable et tutoriel sur cette page :
--> http://redir.fr/gsel
Si tu n'arrives pas à le mettre à jour prends ici les mises à jour
http://downloads.ewido.net/avgas-signatures-full-current.exe
Ca ne sera pas terminè.
cedemagadak
Messages postés
17
Date d'inscription
mercredi 11 octobre 2006
Statut
Membre
Dernière intervention
6 mars 2008
1
5 juin 2007 à 14:58
5 juin 2007 à 14:58
Merci beaucoup !
Alors, voilà où j'en suis :
Je n'ai trouvé ni AdobeR.exe ni autorun.inf. Parmi les dossiers cachés, j'ai trouvé le system volume information (accès refusé) dans lequel était caché le virus HLLP-vova (d'ailleurs, il est en quarantaine dans avast, estce que je dois le supprimer?) et beaucoup de fichiers .sqm (connais pas)
Voici le rapport d'AVG :
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 12:44:56 05/06/2007
+ Résultat de l'analyse:
:mozilla.492:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.108:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.23:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.24:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.25:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.26:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.27:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.406:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.425:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.160:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.161:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.162:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.163:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.122:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.123:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.228:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.229:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.484:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Adviva : Nettoyé.
:mozilla.174:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.54:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.220:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.221:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.226:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.227:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.70:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.71:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.72:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.12:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.73:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.149:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.150:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.151:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.385:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.394:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.322:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.324:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.325:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.104:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.46:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.244:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Paypal : Nettoyé.
:mozilla.165:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.166:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.167:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.168:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.169:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.170:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.463:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.464:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.507:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.31:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.32:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.33:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.34:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.203:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
:mozilla.204:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
:mozilla.205:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
:mozilla.206:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
:mozilla.88:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.89:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.90:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.91:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.92:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.93:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.94:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.95:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.96:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.216:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.217:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.218:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.219:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.196:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.197:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.452:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Tribalfusion : Nettoyé.
:mozilla.29:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.30:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.36:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.39:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.496:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Webtrends : Nettoyé.
:mozilla.63:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.64:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.65:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
Fin du rapport
Je remets un hijack au cas où :
Logfile of HijackThis v1.99.1
Scan saved at 12:53:03, on 05/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.BIN
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://login.live.com/ppsecure/sha1auth.srf?lc=1036
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [RavAV] C:\WINDOWS\AdobeR.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: OpenOffice.org 2.1.lnk = C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: DSLMON.lnk = ?
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{FDD1AF36-E5A2-43F1-A08A-CE0AE5F78A0A}: NameServer = 213.154.95.126 213.154.64.13
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
To be continued...
Alors, voilà où j'en suis :
Je n'ai trouvé ni AdobeR.exe ni autorun.inf. Parmi les dossiers cachés, j'ai trouvé le system volume information (accès refusé) dans lequel était caché le virus HLLP-vova (d'ailleurs, il est en quarantaine dans avast, estce que je dois le supprimer?) et beaucoup de fichiers .sqm (connais pas)
Voici le rapport d'AVG :
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 12:44:56 05/06/2007
+ Résultat de l'analyse:
:mozilla.492:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.108:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.23:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.24:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.25:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.26:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.27:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.406:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.425:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.160:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.161:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.162:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.163:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.122:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.123:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.228:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.229:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.484:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Adviva : Nettoyé.
:mozilla.174:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.54:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.220:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.221:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.226:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.227:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.70:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.71:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.72:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.12:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.73:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.149:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.150:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.151:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.385:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.394:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.322:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.324:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.325:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.104:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.46:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.244:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Paypal : Nettoyé.
:mozilla.165:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.166:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.167:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.168:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.169:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.170:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.463:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.464:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.507:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.31:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.32:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.33:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.34:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.203:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
:mozilla.204:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
:mozilla.205:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
:mozilla.206:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
:mozilla.88:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.89:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.90:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.91:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.92:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.93:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.94:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.95:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.96:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.216:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.217:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.218:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.219:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.196:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.197:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.452:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Tribalfusion : Nettoyé.
:mozilla.29:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.30:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.36:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.39:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.496:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Webtrends : Nettoyé.
:mozilla.63:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.64:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.65:C:\Documents and Settings\mag\Application Data\Mozilla\Firefox\Profiles\ia4322uu.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
Fin du rapport
Je remets un hijack au cas où :
Logfile of HijackThis v1.99.1
Scan saved at 12:53:03, on 05/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.BIN
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://login.live.com/ppsecure/sha1auth.srf?lc=1036
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [RavAV] C:\WINDOWS\AdobeR.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: OpenOffice.org 2.1.lnk = C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: DSLMON.lnk = ?
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{FDD1AF36-E5A2-43F1-A08A-CE0AE5F78A0A}: NameServer = 213.154.95.126 213.154.64.13
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
To be continued...
