Sujet Précédent Sujet Suivant

Virus obfustat, analyse log hijack this

Fermé
matt33 - 3 déc. 2007 à 22:10
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 - 4 déc. 2007 à 18:08
Bonjour,


Voilà, j'ai détecté grâce à avg le virus obfustat (obfustat.aavd me semble t-il)
j'ai fait un scan avec hijackthis que voici
(ma config ordinateur portable asus, win xp)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:05:07, on 03/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\Program Files\ASUS\Wireless Console\wcourier.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\WINDOWS\ALCMTR.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\WINDOWS\vsnpstd.exe
C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\spoolsvc.exe
C:\WINDOWS\system32\bacmimf.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Mathieu\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.asus.com/fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {7E70AEC4-A740-4105-A4F6-74C03A92F6D7} - C:\WINDOWS\system32\ddcyy.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [Wireless Console] C:\Program Files\ASUS\Wireless Console\wcourier.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [Camera Detector] C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE -autorun
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [PKR Pal] "./\pkrpal.exe" -osboot
O4 - HKLM\..\Run: [Spooler SubSystem App] C:\WINDOWS\system32\spoolsvc.exe
O4 - HKLM\..\Run: [Advanced DHTML Enable] C:\WINDOWS\system32\bacmimf.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PathOOOvirg] C:\Program Files\OpenOffice.org1.1.4\program\OOoVirgTray.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 1.1.4.lnk = C:\Program Files\OpenOffice.org1.1.4\program\quickstart.exe
O4 - Global Startup: Sagem - Utilitaire réseau pour Clé USB Wi-Fi 802.11g.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?de8111cf13574958a38b652d0fda380a
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?de8111cf13574958a38b652d0fda380a
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.asus.com/fr/
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1118334361543
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E940E80E-6C02-470B-90DE-FF7585BE188A}: NameServer = 217.194.130.1,217.194.129.30
O20 - Winlogon Notify: byxwtrp - byxwtrp.dll (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
A voir également:

18 réponses

Réponse 1 / 18
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
3 déc. 2007 à 22:16
slt,
desinstalle

Titan Poker - et
PokerStars

____________________

mets a jour java: DEMARRER puis PANNEAU DE CONFIGURATION
puis JAVA puis MISE A JOUR

____________________




scan avec vundofix (colle le rapport)

Téléchargez VundoFix -> http://www.atribune.org/ccount/click.php?id=4

Double cliquez VundoFix.exe pour l'exécuter.
Quand VundoFix s'ouvre, cliquez sur le bouton Scan for Vundo.
Une fois le scan fini, cliquez sur le bouton Remove Vundo.
Vous recevrez un avertissement vous demandant si vous voulez effacer ces
fichiers répondez en cliquant sur YES
Une fois que vous avez cliqué yes, votre bureau deviendra vide au moment où il
enlève Vundo.

Quand c'est fini, il vous sera demandé de redémarrer votre ordinateur, cliquez
OK.

_______________________

combofix (colle le rapport)
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

______________________



colle le rapport d'un scan en ligne
avec un des suivants:


bitdefender en ligne :
http://www.bitdefender.fr/scan_fr/scan8/ie.html

Panda en ligne :
http://pandasoftware.fr


_______________________

refait hijacthis


Je conseille de renomer Hijackthis, pour contrer une éventuelle infection de Vundo.

ex:Renomme le fichier HijackThis.exe en eden.exe pour cela, fais un clic droit sur le fichier HijackThis.exe et choisis renommer dans la liste

Ensuite avec Explorer créer un dossier c:\hijackthis
Décompresser Hijackthis dans ce dossier.
C'est important pour les sauvegardes."
0
Réponse 2 / 18
matt33
3 déc. 2007 à 23:39
titan et poker stars ont été désinstallés
java mis à jour

vundofix n'a rien tourvé
voici le rapport combofix

ComboFix 07-12-02.6 - Mathieu 2007-12-03 23:27:01.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.181 [GMT 1:00]
Running from: C:\Documents and Settings\Mathieu\Bureau\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((( Fichiers cr‚‚s 2007-11-03 to 2007-12-03 ))))))))))))))))))))))))))))))))))))
.

2007-12-03 22:26 . 2007-12-03 22:26 <REP> d-------- C:\VundoFix Backups
2007-12-03 22:25 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2007-12-02 11:03 . 2007-12-03 22:19 <REP> d-------- C:\Program Files\PokerStars.NET
2007-12-01 22:31 . 2007-12-01 22:33 <REP> d-------- C:\Documents and Settings\Mathieu\Application Data\SecondLife
2007-12-01 22:30 . 2007-12-01 22:31 <REP> d-------- C:\Program Files\SecondLife
2007-11-30 20:17 . 2007-11-30 20:17 230 --a------ C:\WINDOWS\system32\spupdsvc.inf
2007-11-30 20:17 . 2007-11-30 20:17 0 --------- C:\WINDOWS\system32\HFXDE.tmp
2007-11-30 20:07 . 2007-11-30 20:17 <REP> d-------- C:\cca7ddbd9728e7c455d9ed2bf5
2007-11-30 20:06 . 2007-11-30 20:06 <REP> d-------- C:\Program Files\Windows Live Favorites
2007-11-30 20:06 . 2007-11-30 20:06 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
2007-11-30 20:05 . 2007-11-30 20:06 <REP> d-------- C:\Program Files\Windows Live Toolbar
2007-11-30 19:53 . 2007-11-30 19:54 <REP> d-------- C:\Program Files\Google
2007-11-29 15:17 . 2007-11-29 15:17 6,742 ---hs---- C:\WINDOWS\system32\yycdd.bak2
2007-11-29 11:20 . 2007-11-30 12:00 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\AVG7
2007-11-29 11:18 . 2005-03-14 14:33 <REP> d-------- C:\Documents and Settings\Administrateur\WINDOWS
2007-11-29 11:18 . 2005-03-14 14:18 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage r‚seau
2007-11-29 11:18 . 2005-03-14 14:18 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2007-11-29 11:18 . 2005-03-14 14:18 <REP> d--h----- C:\Documents and Settings\Administrateur\ModŠles
2007-11-29 11:18 . 2005-03-14 14:44 <REP> dr------- C:\Documents and Settings\Administrateur\Mes documents
2007-11-29 11:18 . 2005-03-14 14:18 <REP> dr------- C:\Documents and Settings\Administrateur\Menu D‚marrer
2007-11-29 11:18 . 2005-03-14 14:44 <REP> dr------- C:\Documents and Settings\Administrateur\Favoris
2007-11-29 11:18 . 2005-03-14 14:18 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
2007-11-29 11:18 . 2005-03-14 14:40 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Symantec
2007-11-29 11:18 . 2005-03-14 14:33 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\InterTrust
2007-11-29 11:18 . 2005-03-14 14:53 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Intel
2007-11-29 10:46 . 2007-11-29 10:46 20,729 --a------ C:\WINDOWS\system32\bacmimf.exe
2007-11-29 03:17 . 2007-11-29 03:17 6,495 ---hs---- C:\WINDOWS\system32\yycdd.bak1
2007-11-29 03:16 . 2007-11-30 11:24 21,593 ---hs---- C:\WINDOWS\system32\yycdd.ini
2007-11-28 17:58 . 2007-11-28 17:58 20,729 --a------ C:\WINDOWS\system32\ozxortg.exe
2007-11-28 17:35 . 2007-11-28 17:35 20,729 --a------ C:\WINDOWS\system32\sfbi.exe
2007-11-28 10:45 . 2007-11-28 10:45 20,729 --a------ C:\WINDOWS\system32\ukgupmod.exe
2007-11-28 03:09 . 2007-11-28 03:09 20,729 --a------ C:\WINDOWS\system32\ajkxn.exe
2007-11-28 03:06 . 2007-11-28 03:06 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-11-27 13:59 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2007-11-27 13:59 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2007-11-27 13:59 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2007-11-27 12:15 . 2007-11-27 12:15 20,729 --a------ C:\WINDOWS\system32\ayfm.exe
2007-11-27 11:37 . 2007-11-27 11:37 20,729 --a------ C:\WINDOWS\system32\ebysdz.exe
2007-11-26 22:27 . 2007-11-27 21:08 <REP> d-------- C:\Documents and Settings\Mathieu\Contacts
2007-11-26 22:22 . 2007-11-26 22:22 <REP> d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2007-11-26 22:14 . 2007-11-26 22:17 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2007-11-26 22:12 . 2007-11-26 22:32 <REP> d-------- C:\Program Files\Windows Live
2007-11-26 22:11 . 2007-11-26 22:11 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2007-11-20 16:41 . 2007-11-20 16:41 <REP> d-------- C:\Documents and Settings\Mathieu\Application Data\TransRender
2007-11-20 16:41 . 2007-11-20 16:41 <REP> d-------- C:\Documents and Settings\Mathieu\Application Data\Temporary
2007-11-20 16:41 . 2007-11-20 16:41 <REP> d-------- C:\Documents and Settings\Mathieu\Application Data\ConvertTemp
2007-11-20 16:33 . 2007-11-20 16:33 <REP> d-------- C:\Documents and Settings\Mathieu\Application Data\Samsung
2007-11-20 16:27 . 2007-07-03 16:58 106,792 --a------ C:\WINDOWS\system32\drivers\sscdmdm.sys
2007-11-20 16:27 . 2007-07-03 16:54 80,552 --a------ C:\WINDOWS\system32\drivers\sscdbus.sys
2007-11-20 16:27 . 2007-07-03 16:57 11,944 --a------ C:\WINDOWS\system32\drivers\sscdmdfl.sys
2007-11-20 16:27 . 2007-07-03 17:00 9,256 --a------ C:\WINDOWS\system32\drivers\sscdwhnt.sys
2007-11-20 16:27 . 2007-07-03 17:00 9,256 --a------ C:\WINDOWS\system32\drivers\sscdwh.sys
2007-11-20 16:27 . 2007-07-03 16:56 9,256 --a------ C:\WINDOWS\system32\drivers\sscdcmnt.sys
2007-11-20 16:27 . 2007-07-03 16:56 9,256 --a------ C:\WINDOWS\system32\drivers\sscdcm.sys
2007-11-20 16:01 . 2005-08-13 05:06 22,486 -ra------ C:\WINDOWS\system32\UnInstall_Sample.ico
2007-11-20 16:00 . 2006-05-03 22:53 174,592 --a------ C:\WINDOWS\system32\framedyn.dll
2007-11-20 15:59 . 2006-07-24 16:05 5,632 --a------ C:\WINDOWS\system32\drivers\StarOpen.sys
2007-11-20 15:58 . 2007-11-20 15:59 <REP> d-------- C:\WINDOWS\system32\Samsung_USB_Drivers
2007-11-20 15:58 . 2007-11-20 15:58 <REP> d-------- C:\Program Files\Samsung
2007-11-20 15:58 . 2005-08-28 20:51 766 --a------ C:\WINDOWS\system32\Uninstall.ico
2007-11-20 12:49 . 2007-11-20 12:49 <REP> d-------- C:\Documents and Settings\Mathieu\Application Data\InstallShield

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-03 22:34 --------- d-----w C:\Program Files\OpenOffice.org1.1.4
2007-12-03 21:25 --------- d-----w C:\Program Files\Java
2007-12-03 12:50 --------- d-----w C:\Program Files\eMule
2007-12-03 10:32 --------- d-----w C:\Documents and Settings\Mathieu\Application Data\AVG7
2007-11-21 15:32 --------- d-----w C:\Program Files\Battle Engine Aquila
2007-11-20 15:30 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-11-17 21:48 --------- d-----w C:\Program Files\PKR
2007-11-12 16:05 --------- d-----w C:\Program Files\Nokia
2007-11-12 16:03 --------- d-----w C:\Program Files\L'Odyssée d'Abe
2007-10-27 17:25 --------- d-----w C:\Program Files\TVAnts
2007-10-27 09:29 --------- d-----w C:\Program Files\Windows Media Connect 2
2007-10-25 16:43 8,516,608 ----a-w C:\WINDOWS\system32\dllcache\shell32.dll
2007-10-23 16:49 586,752 ----a-w C:\WINDOWS\WLXPGSS.SCR
2007-10-18 10:31 51,224 ----a-w C:\WINDOWS\system32\sirenacm.dll
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7E70AEC4-A740-4105-A4F6-74C03A92F6D7}]
C:\WINDOWS\system32\ddcyy.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00]
"PathOOOvirg"="C:\Program Files\OpenOffice.org1.1.4\program\OOoVirgTray.exe" [2004-10-28 00:10]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-04-03 23:29]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2007-11-30 19:54]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HControl"="C:\WINDOWS\ATK0100\HControl.exe" [2004-12-16 18:19]
"Raccourci vers la page des propriétés de High Definition Audio"="HDAudPropShortcut.exe" [2004-08-12 16:45 C:\WINDOWS\system32\Hdaudpropshortcut.exe]
"ASUS Live Update"="C:\Program Files\ASUS\ASUS Live Update\ALU.exe" [2003-09-19 11:54]
"Wireless Console"="C:\Program Files\ASUS\Wireless Console\wcourier.exe" [2005-01-14 20:12]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2004-12-22 16:23]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2004-12-22 16:23]
"SoundMan"="SOUNDMAN.EXE" [2004-11-19 00:21 C:\WINDOWS\SoundMan.exe]
"AlcWzrd"="ALCWZRD.EXE" [2004-11-19 00:20 C:\WINDOWS\ALCWZRD.EXE]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-09-09 20:10]
"Power_Gear"="C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe" [2004-09-21 15:55]
"IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2004-10-15 10:27]
"EOUApp"="C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe" [2004-10-15 10:31]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
"QuickTime Task"="C:\WINDOWS\system32\qttask.exe" [2005-07-06 17:22]
"snpstd"="C:\WINDOWS\vsnpstd.exe" [2003-12-31 15:39]
"Camera Detector"="C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.exe" [2003-11-17 10:52]
"Tweak UI"="RUNDLL32.exe" [2004-08-05 13:00 C:\WINDOWS\system32\rundll32.exe]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-11-10 12:25]
"SmcService"="C:\PROGRA~1\Sygate\SPF\smc.exe" [2004-10-15 18:40]
"PKR Pal"="./\pkrpal.exe" []
"Spooler SubSystem App"="C:\WINDOWS\system32\spoolsvc.exe" [2007-06-13 14:22]
"Advanced DHTML Enable"="C:\WINDOWS\system32\bacmimf.exe" [2007-11-29 10:46]
"UserFaultCheck"="C:\WINDOWS\system32\dumprep 0 -u" []

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-11-10 12:25]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{8E3FBDE2-7DBD-4040-85D9-29BBC559C129}"= C:\WINDOWS\system32\byxwtrp.dll [ ]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\byxwtrp]
byxwtrp.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless]
C:\Program Files\Intel\Wireless\Bin\LgNotify.dll 2004-10-15 10:27 110592 C:\Program Files\Intel\Wireless\Bin\LgNotify.dll

R0 R592;R592;C:\WINDOWS\system32\DRIVERS\R592.sys
R0 risdpntk;risdpntk;C:\WINDOWS\system32\DRIVERS\risdpntk.sys
R3 WlanUIG;Sagem 802.11g Wireless LAN USB Adapter Driver;C:\WINDOWS\system32\DRIVERS\WlanUIG.sys
S3 Asushwio;Asushwio;\??\C:\WINDOWS\system32\drivers\Asushwio.sys
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM);C:\WINDOWS\system32\DRIVERS\sscdbus.sys
S3 sscdmdfl;SAMSUNG Mobile Modem Filter;C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys
S3 sscdmdm;SAMSUNG Mobile Modem Drivers;C:\WINDOWS\system32\DRIVERS\sscdmdm.sys

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5d986106-ddd0-11d9-b790-0012f007f00a}]
\Shell\AutoRun\command - I:\setupSNK.exe

.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2007-12-03 21:43:00 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
.
**************************************************************************

catchme 0.3.1318 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-03 23:34:05
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-12-03 23:35:40 - machine was rebooted
.
--- E O F ---



je fait le reste de la manip, à tout de suite
0
Réponse 3 / 18
matt33
3 déc. 2007 à 23:43
pandascan a détecté quelquechose (sans me dire quoi) et me conseille de désinfecter avec totalscan
0
Réponse 4 / 18
matt33
3 déc. 2007 à 23:57
voici ce que trouve total scan, je n'ai pas mis les cookies


Trj/Ranky.TP Virus
Actif/Active
Masquer +Infos
C:\WINDOWS\system32\ebysdz.exe
C:\WINDOWS\system32\ozxortg.exe
C:\WINDOWS\SYSTEM32\BACMIMF.EXE
C:\WINDOWS\system32\ukgupmod.exe
C:\WINDOWS\system32\sfbi.exe
C:\WINDOWS\system32\ajkxn.exe
C:\WINDOWS\system32\ayfm.exe

Fichiers suspects (1)
C:\WINDOWS\SYSTEM32\SPOOLSVC.EXE

à noter que ce fichier spoolsvc je le soupsconnais déjà car depuis que l'ordi est infecté, il cherche à se connecter à internet dès que je démarre et régulièrement ensuite...
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 18
matt33
3 déc. 2007 à 23:59
je met le log complet de total scan

;***********************************************************************************************************************************************************************************
ANALYSIS: 2007-12-03 23:57:48
PROTECTIONS: 1
MALWARE: 31
SUSPECTS: 1
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
AVG 7.5.503 7.5.503 Yes Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.doubleclick.net/]
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Cookies\mathieu@doubleclick[1].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Cookies\mathieu@atdmt[2].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.atdmt.com/]
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.tradedoubler.com/]
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.tradedoubler.com/]
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.tradedoubler.com/]
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.tradedoubler.com/]
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Cookies\mathieu@tradedoubler[2].txt
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.tradedoubler.com/]
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.247realmedia.com/]
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.247realmedia.com/]
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.247realmedia.com/]
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.247realmedia.com/]
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.247realmedia.com/]
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.247realmedia.com/]
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.247realmedia.com/]
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.247realmedia.com/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Cookies\mathieu@fastclick[1].txt
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Cookies\mathieu@tribalfusion[2].txt
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.tribalfusion.com/]
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Cookies\mathieu@mediaplex[1].txt
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.mediaplex.com/]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.com.com/]
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Cookies\mathieu@xiti[1].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.xiti.com/]
00167709 Cookie/fe.lea.lycos TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[fe.lea.lycos.fr/]
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.statcounter.com/]
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.statcounter.com/]
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.statcounter.com/]
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.statcounter.com/]
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.statcounter.com/]
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.statcounter.com/]
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.statcounter.com/]
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.statcounter.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Cookies\mathieu@ad.yieldmanager[1].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[ad.yieldmanager.com/]
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.apmebf.com/]
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.apmebf.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Cookies\mathieu@serving-sys[2].txt
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.serving-sys.com/]
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.bs.serving-sys.com/]
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Cookies\mathieu@bs.serving-sys[2].txt
00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.weborama.fr/]
00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Cookies\mathieu@weborama[2].txt
00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.weborama.fr/]
00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.adtech.de/]
00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.adtech.de/]
00168116 Cookie/Comclick TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[fl01.ct2.comclick.com/]
00168116 Cookie/Comclick TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[fl01.ct2.comclick.com/]
00168116 Cookie/Comclick TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[fl01.ct2.comclick.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Cookies\mathieu@advertising[1].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.advertising.com/]
00170304 Cookie/WebtrendsLive TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[statse.webtrendslive.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Cookies\mathieu@ads.pointroll[1].txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.ads.pointroll.com/]
00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.overture.com/]
00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.overture.com/]
00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Cookies\mathieu@overture[1].txt
00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.overture.com/]
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Cookies\mathieu@questionmarket[2].txt
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.questionmarket.com/]
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.questionmarket.com/]
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Cookies\mathieu@zedo[1].txt
00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Cookies\mathieu@bluestreak[1].txt
00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.bluestreak.com/]
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.adrevolver.com/]
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Cookies\mathieu@adrevolver[1].txt
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.adrevolver.com/]
00207936 Cookie/Adviva TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.adviva.net/]
00234869 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Cookies\mathieu@media.fastclick[2].txt
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.smartadserver.com/]
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.smartadserver.com/]
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt[.smartadserver.com/]
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\Mathieu\Cookies\mathieu@smartadserver[2].txt
01262593 Application/NirCmd.A HackTools No 0 Yes No C:\WINDOWS\NirCmd.exe
02882413 Trj/Ranky.TP Virus/Trojan No 0 Yes No C:\WINDOWS\system32\ayfm.exe
02882413 Trj/Ranky.TP Virus/Trojan No 0 Yes No C:\WINDOWS\system32\ebysdz.exe
02882413 Trj/Ranky.TP Virus/Trojan No 0 Yes No C:\WINDOWS\system32\ozxortg.exe
02882413 Trj/Ranky.TP Virus/Trojan No 0 Yes No C:\WINDOWS\system32\sfbi.exe
02882413 Trj/Ranky.TP Virus/Trojan No 0 Yes No C:\WINDOWS\system32\ukgupmod.exe
02882413 Trj/Ranky.TP Virus/Trojan Yes 1 Yes No C:\WINDOWS\SYSTEM32\BACMIMF.EXE
02882413 Trj/Ranky.TP Virus/Trojan No 0 Yes No C:\WINDOWS\system32\ajkxn.exe
;===================================================================================================================================================================================
SUSPECTS
Location
;===================================================================================================================================================================================
C:\WINDOWS\SYSTEM32\SPOOLSVC.EXE
;===================================================================================================================================================================================
0
Réponse 6 / 18
matt33
4 déc. 2007 à 00:04
et enfin le log hijack this (que j'ai renommé comme tu l'as expliqué)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:03:03, on 04/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\Program Files\ASUS\Wireless Console\wcourier.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\qttask.exe
C:\WINDOWS\vsnpstd.exe
C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\spoolsvc.exe
C:\WINDOWS\system32\bacmimf.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\hijackthis\eden.Exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.asus.com/fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E70AEC4-A740-4105-A4F6-74C03A92F6D7} - C:\WINDOWS\system32\ddcyy.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [Wireless Console] C:\Program Files\ASUS\Wireless Console\wcourier.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [Camera Detector] C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE -autorun
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [PKR Pal] "./\pkrpal.exe" -osboot
O4 - HKLM\..\Run: [Spooler SubSystem App] C:\WINDOWS\system32\spoolsvc.exe
O4 - HKLM\..\Run: [Advanced DHTML Enable] C:\WINDOWS\system32\bacmimf.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PathOOOvirg] C:\Program Files\OpenOffice.org1.1.4\program\OOoVirgTray.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 1.1.4.lnk = C:\Program Files\OpenOffice.org1.1.4\program\quickstart.exe
O4 - Global Startup: Sagem - Utilitaire réseau pour Clé USB Wi-Fi 802.11g.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?de8111cf13574958a38b652d0fda380a
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?de8111cf13574958a38b652d0fda380a
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.asus.com/fr/
0
Réponse 7 / 18
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
4 déc. 2007 à 09:46
Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked".

O2 - BHO: (no name) - {7E70AEC4-A740-4105-A4F6-74C03A92F6D7} - C:\WINDOWS\system32\ddcyy.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe

O4 - HKLM\..\Run: [PKR Pal] "./\pkrpal.exe" -osboot

O20 - Winlogon Notify: byxwtrp - byxwtrp.dll (file missing)

_________________________


télécharge OTMoveIt http://download.bleepingcomputer.com/oldtimer/OTMoveIt.exe (de Old_Timer) sur ton Bureau.
double-clique sur OTMoveIt.exe pour le lancer.
copie la liste qui se trouve en citation ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved.

Citation :


C:\WINDOWS\system32\ayfm.exe
C:\WINDOWS\system32\ebysdz.exe
C:\WINDOWS\system32\ozxortg.exe
C:\WINDOWS\system32\sfbi.exe
C:\WINDOWS\system32\ukgupmod.exe
C:\WINDOWS\SYSTEM32\BACMIMF.EXE
C:\WINDOWS\system32\ajkxn.exe


clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre "Results".
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.

il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.


__________________________


recolle un scan en ligne et un rapport hijackthis complet cette fois
et dis tes soucis


a plus
0
Réponse 8 / 18
matt33
4 déc. 2007 à 12:08
déjà merci beaucoup pour ton aide

rapport OTMoveIt
File/Folder C:\WINDOWS\system32\ayfm.exe not found.
File/Folder C:\WINDOWS\system32\ebysdz.exe not found.
File/Folder C:\WINDOWS\system32\ozxortg.exe not found.
File/Folder C:\WINDOWS\system32\sfbi.exe not found.
File/Folder C:\WINDOWS\system32\ukgupmod.exe not found.
C:\WINDOWS\SYSTEM32\BACMIMF.EXE moved successfully.
File/Folder C:\WINDOWS\system32\ajkxn.exe not found.

Created on 12/04/2007 12:04:50




rapport hijackthis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:06:05, on 04/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\ASUS\Wireless Console\wcourier.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\spoolsvc.exe
C:\WINDOWS\system32\bacmimf.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\OpenOffice.org1.1.4\program\OOoVirgTray.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
C:\Program Files\OpenOffice.org1.1.4\program\soffice.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\hijackthis\eden.Exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.asus.com/fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [Wireless Console] C:\Program Files\ASUS\Wireless Console\wcourier.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
O4 - HKLM\..\Run: [Camera Detector] C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE -autorun
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [Spooler SubSystem App] C:\WINDOWS\system32\spoolsvc.exe
O4 - HKLM\..\Run: [Advanced DHTML Enable] C:\WINDOWS\system32\bacmimf.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PathOOOvirg] C:\Program Files\OpenOffice.org1.1.4\program\OOoVirgTray.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 1.1.4.lnk = C:\Program Files\OpenOffice.org1.1.4\program\quickstart.exe
O4 - Global Startup: Sagem - Utilitaire réseau pour Clé USB Wi-Fi 802.11g.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?de8111cf13574958a38b652d0fda380a
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?de8111cf13574958a38b652d0fda380a
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.asus.com/fr/
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1118334361543
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E940E80E-6C02-470B-90DE-FF7585BE188A}: NameServer = 217.194.130.1,217.194.129.30
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
0
Réponse 9 / 18
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
4 déc. 2007 à 13:07
analyse ce fichier sur virus total et colle moi le rapport: https://www.virustotal.com/gui/

C:\Program Files\PKR\pkrpal.exe

______________________


AVG antispyware

https://www.01net.com/telecharger/

Tuto :
http://www.kachouri.com/tuto/tuto-161-avg-anti-spyware-75-pour-votre-securite.html


->Relance AVG AS -> "Analyse" ->"Paramètres"

Sous la question "Comment réagir ?" :

-> clique sur "Actions recommandées" et choisis "Quarantaines"
-> Re-clique sur l'onglet "Analyse" puis réalise une "Analyse complète du système"

Si un fichier est infecté en fin d'analyse

->Clique sur "Appliquer toutes les actions "

->Clique sur "Enregistrer le rapport" puis sur "Enregistrer le rapport sous".

_____________________



Colle le rapport :
Clean permettra de faire du nettoyage et supprimer des fichiers que des anti-virus et anti-spywares n'ont pas pu trouver. Le logiciel est régulièrement mis à jour, vous devrez donc le re-téléchargé pour obtenir une version plus récente.

 Téléchargez clean.zip, décompressez-le sur votre bureau (clic droit / extraire tout), vous obtenez alors un dossier clean
 Démarrez Windows en mode sans échec : Guide pour redémarrer en mode sans échec
 Ouvrez le dossier clean qui se trouve sur ton bureau, et double-cliquez sur clean.cmd, une fenêtre noire va apparaître pendant un instant, laissez la ouverte jusqu'à ce qu'elle se ferme.
Manuel de clean :
http://kerio.probb.fr/tuto-Clean-h37.html
0
Réponse 10 / 18
matt33
4 déc. 2007 à 13:44
Fichier pkrpal.exe reçu le 2007.11.23 15:58:25 (CET)
Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE
Résultat: 1/32 (3.13%)

Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 - - -
AntiVir - - -
Authentium - - -
Avast - - -
AVG - - -
BitDefender - - -
CAT-QuickHeal - - -
ClamAV - - -
DrWeb - - -
eSafe - - -
eTrust-Vet - - -
Ewido - - -
FileAdvisor - - -
Fortinet - - -
F-Prot - - -
F-Secure - - -
Ikarus - - -
Kaspersky - - -
McAfee - - -
Microsoft - - -
NOD32v2 - - -
Norman - - -
Panda - - -
Prevx1 - - Heuristic: Suspicious Hijacker
Rising - - -
Sophos - - -
Sunbelt - - -
Symantec - - -
TheHacker - - -
VBA32 - - -
VirusBuster - - -
Webwasher-Gateway - - -
Information additionnelle
MD5: 16a6c83606017053fffe8d2bab5363ff
0
Réponse 11 / 18
matt33
4 déc. 2007 à 14:30
rapport avg as
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 14:21:12 04/12/2007

+ Résultat de l'analyse:



C:\System Volume Information\_restore{FF7AADAC-3FA8-41D3-B254-4C0327EE4726}\RP250\A0053439.exe -> Proxy.Ranky.gn : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{FF7AADAC-3FA8-41D3-B254-4C0327EE4726}\RP250\A0053440.exe -> Proxy.Ranky.gn : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{FF7AADAC-3FA8-41D3-B254-4C0327EE4726}\RP250\A0053441.exe -> Proxy.Ranky.gn : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{FF7AADAC-3FA8-41D3-B254-4C0327EE4726}\RP250\A0053442.exe -> Proxy.Ranky.gn : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{FF7AADAC-3FA8-41D3-B254-4C0327EE4726}\RP250\A0053443.exe -> Proxy.Ranky.gn : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{FF7AADAC-3FA8-41D3-B254-4C0327EE4726}\RP250\A0053444.exe -> Proxy.Ranky.gn : Nettoyé et sauvegardé (mise en quarantaine).
C:\_OTMoveIt\MovedFiles\WINDOWS\SYSTEM32\BACMIMF.EXE -> Proxy.Ranky.gn : Nettoyé et sauvegardé (mise en quarantaine).
[3708] C:\WINDOWS\system32\bacmimf.exe -> Proxy.Ranky.gn : Nettoyé et sauvegardé (mise en quarantaine).
:mozilla.57:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.61:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.62:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.63:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.64:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.65:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.66:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.67:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.157:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.158:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.159:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.160:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.161:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.162:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.163:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.164:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.165:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.166:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.167:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.168:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.169:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.170:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.171:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.172:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.173:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.174:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.175:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.176:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.177:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.178:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.179:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.180:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.542:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.641:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.692:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.716:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.729:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.750:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.884:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Mathieu\Cookies\mathieu@2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Mathieu\Cookies\mathieu@adbrite.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Mathieu\Cookies\mathieu@cbs.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Mathieu\Cookies\mathieu@msnaccountservices.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Mathieu\Cookies\mathieu@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.797:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.798:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.799:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\Mathieu\Cookies\mathieu@adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\Mathieu\Cookies\mathieu@ads.adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\Mathieu\Cookies\mathieu@www.adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.249:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.250:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.251:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.252:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.253:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.254:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.255:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
C:\Documents and Settings\Mathieu\Cookies\mathieu@adrevolver[1].txt -> TrackingCookie.Adrevolver : Nettoyé.
C:\Documents and Settings\Mathieu\Cookies\mathieu@media.adrevolver[1].txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.278:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.279:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.23:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.24:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.25:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.26:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.27:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\Mathieu\Cookies\mathieu@advertising[1].txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.98:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Adviva : Nettoyé.
:mozilla.18:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Mathieu\Cookies\mathieu@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.50:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Mathieu\Cookies\mathieu@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.742:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Com : Nettoyé.
:mozilla.401:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.402:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.404:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.876:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Connextra : Nettoyé.
:mozilla.877:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Connextra : Nettoyé.
:mozilla.878:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Connextra : Nettoyé.
:mozilla.879:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Connextra : Nettoyé.
:mozilla.885:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Connextra : Nettoyé.
:mozilla.51:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Mathieu\Cookies\mathieu@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.245:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\Mathieu\Cookies\mathieu@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.395:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Euroclick : Nettoyé.
:mozilla.396:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Euroclick : Nettoyé.
:mozilla.397:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Euroclick : Nettoyé.
:mozilla.398:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Euroclick : Nettoyé.
:mozilla.873:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.874:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\Mathieu\Cookies\mathieu@fastclick[1].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\Mathieu\Cookies\mathieu@media.fastclick[2].txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.473:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.92:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.941:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.943:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.573:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.574:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
C:\Documents and Settings\Mathieu\Cookies\mathieu@search.live[2].txt -> TrackingCookie.Live : Nettoyé.
:mozilla.237:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\Mathieu\Cookies\mathieu@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\Mathieu\Cookies\mathieu@ie.search.msn[2].txt -> TrackingCookie.Msn : Nettoyé.
:mozilla.74:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Netflame : Nettoyé.
C:\Documents and Settings\Mathieu\Cookies\mathieu@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Nettoyé.
:mozilla.114:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.115:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.116:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Mathieu\Cookies\mathieu@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.110:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Paypal : Nettoyé.
:mozilla.667:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.668:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.669:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.670:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.671:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.672:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.673:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.674:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.675:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé.
C:\Documents and Settings\Mathieu\Cookies\mathieu@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.489:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.490:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
C:\Documents and Settings\Mathieu\Cookies\mathieu@questionmarket[2].txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.743:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.744:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.745:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.746:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.747:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.748:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.
C:\Documents and Settings\Mathieu\Cookies\mathieu@revsci[2].txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.54:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.55:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.56:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.58:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.59:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.60:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.68:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.69:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Mathieu\Cookies\mathieu@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Mathieu\Cookies\mathieu@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.10:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.11:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.13:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.14:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.6:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.9:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Mathieu\Cookies\mathieu@smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.543:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
:mozilla.544:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
:mozilla.545:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
:mozilla.546:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
:mozilla.547:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
:mozilla.548:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
:mozilla.549:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
C:\Documents and Settings\Mathieu\Cookies\mathieu@specificclick[1].txt -> TrackingCookie.Specificclick : Nettoyé.
:mozilla.263:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.265:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.266:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.267:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.268:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.269:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.270:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.271:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.634:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.635:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.636:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
C:\Documents and Settings\Mathieu\Cookies\mathieu@tacoda[1].txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.101:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.102:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.103:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.104:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.105:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\Mathieu\Cookies\mathieu@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.418:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Tribalfusion : Nettoyé.
C:\Documents and Settings\Mathieu\Cookies\mathieu@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Nettoyé.
:mozilla.15:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.16:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.17:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Mathieu\Cookies\mathieu@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.638:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Documents and Settings\Mathieu\Cookies\mathieu@m.webtrends[1].txt -> TrackingCookie.Webtrends : Nettoyé.
:mozilla.756:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Webtrendslive : Nettoyé.
:mozilla.791:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.792:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.793:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.794:C:\Documents and Settings\Mathieu\Application Data\Mozilla\Firefox\Profiles\emfyq3a2.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\Mathieu\Cookies\mathieu@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\Mathieu\Cookies\mathieu@zedo[1].txt -> TrackingCookie.Zedo : Nettoyé.


Fin du rapport
0
Réponse 12 / 18
matt33
4 déc. 2007 à 14:54
rapport clean
Script execute en mode sans echec
Rapport clean par Malekal_morte - http://www.malekal.com
Script execute en mode sans echec 04/12/2007 a 14:47:55,71

Microsoft Windows XP [version 5.1.2600]

*** Suppression des fichiers dans C:

*** Suppression des fichiers dans C:\WINDOWS\

*** Suppression des fichiers dans C:\WINDOWS\system32
tentative de suppression de C:\WINDOWS\system32\spoolsvc.exe

*** Suppression des fichiers dans C:\Program Files

*** Suppression des clefs du registre effectuee..
*** Fin du rapport !
0
Réponse 13 / 18
matt33
4 déc. 2007 à 15:53
après deux scans en ligne et avec mon avg, je n'ai rien détecté
donc a priori la saleté a été éradiquée
Merci pour tout!!
0
Réponse 14 / 18
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
4 déc. 2007 à 16:54
ce n'est pas fini
il est encore dans ta restauration:


désactive la restauration système pour purger les virus qui seraient dedans (dans DEMARRER puis TOUS LES PROGRAMMES puis ACCESSOIRE puis OUTILS SYSTEME puis RESTAURATION SYSTEME puis paramètre)

puis redemarre ton ordi

puis réactive la

__________________

recolle un rapport hijakcthis pour verifier
0
Réponse 15 / 18
matt33
4 déc. 2007 à 17:51
c'est fait

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:50:25, on 04/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\Program Files\ASUS\Wireless Console\wcourier.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\hijackthis\eden.Exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.asus.com/fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [Wireless Console] C:\Program Files\ASUS\Wireless Console\wcourier.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
O4 - HKLM\..\Run: [Camera Detector] C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE -autorun
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PathOOOvirg] C:\Program Files\OpenOffice.org1.1.4\program\OOoVirgTray.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 1.1.4.lnk = C:\Program Files\OpenOffice.org1.1.4\program\quickstart.exe
O4 - Global Startup: Sagem - Utilitaire réseau pour Clé USB Wi-Fi 802.11g.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?de8111cf13574958a38b652d0fda380a
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?de8111cf13574958a38b652d0fda380a
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.asus.com/fr/
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1118334361543
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E940E80E-6C02-470B-90DE-FF7585BE188A}: NameServer = 217.194.130.1,217.194.129.30
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
0
Réponse 16 / 18
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
4 déc. 2007 à 17:57
slt
ton rapport est bon!!!!!!
__________________
sauf qu'il faudra mettre la nouvelle version d'internet explorer: la version 7

(demarrer puis TOUS LES PROGRAMMES puis WINDOWS UPDATE et mettre dans les mises a jour internet explorer 7)



et je te conseille de remplacer avg 7 par antivir
__________________



BONNE CONTINUATION!!!!!!!!!!!!!





pour protéger gratos ton ordi

http://www.commentcamarche.net/telecharger/logiciel 4 securite

mettre un antivirus

AVAST en français ou ANTIVIR (en anglais mais très efficace)
https://www.malekal.com/avira-free-security-antivirus-gratuit/ (merci Malekal)
-------------
des anti-espions :
AD AWARE + SPYBOT +/- si tea timer non active de spybot: WINDOWS DEFENDER

+
SPYWAREBLASTER pour immuniser le système contre vundo notamment mais en anglais (mais facile d'utilisation : il suffit de faire "update" pour mettre à jour tous les mois et ensuite" enable all protection" pour immuniser)...

Rq : spybot et ad-aware on sorti de nouvelles versions cette année vérifiez que vous avez la dernière version
--------
un pare feu :
celui de Windows ou mieux KERIO ou JETICO ou ZONE ALARM (mettre que le parefeu gratuit) ou sygate que tu as

https://www.clubic.com/telecharger-fiche11071-sunbelt-personal-firewall-ex-kerio.html
https://manuelsdaide.com/contact/
http://www.open-files.com/forum/index.php?showtopic=29277
http://www.commentcamarche.net/telecharger/telecharger 157 zonealarm

-----------

CCLEANER pour effacer les traces de surf
0
Réponse 17 / 18
matt33
4 déc. 2007 à 17:58
Merci pour tout!
0
Réponse 18 / 18
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
4 déc. 2007 à 18:08
de rien

bonne suite

mets ton probleme resolu au niveau de ton premier message (au dessu)
0

Discussions similaires

Google Chrome "  Échec de l'analyse antivirus "
jmpower -
RBmoon -

18 réponses
Est ce que le site tlauncher est dangereux ?
caribou -
bazfile -

1 réponse
Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
TI college plus (calculatrice probleme)
help39 -
Utilisateur anonyme -

3 réponses
4 virus en raison d’un porno ????
valou -
Bello040420 -

9 réponses